Certificate Templates
The mystery of “Valid existing certificate” setting in ADCS certificate templates – demystified
This is a follow-up of “Certificate renewal request is placed in pending state when Valid Existing Certificate is selected in certificate template” blog post and final nail into the subject. Let’s re-iterate the problem. ADCS Certificate Templates provide configuration for issuance requirements, which allows you to forcibly put request in pending state (no automatic issuance)…
Read MoreCertificate renewal request is placed in pending state when Valid Existing Certificate is selected in certificate template
Hello S-1-1-0, here is a new blog post in a long time. Today I want to talk about the issue when “Valid existing certificate” does not bypass CA Manager approval and/or enrollment agent requirement during certificate renewal in Microsoft CA. In certificate template settings, Issuance Requirements we can configure additional requirements for enrollment and re-enrollment…
Read MoreRegister TLS certificate with Remote Desktop Service using PowerShell
Hello everyone! This is a quick blog post that provides information on how to register TLS certificate with Remote Desktop Services (RDS). Starting with Windows Server 2008 R2 it became extremely easy to deploy RDS certificates to AD hosts from private CA using group policies and Microsoft CA. Since then RDS over TLS should be…
Read MorePowerShell PKI (PSPKI) 3.7 enhancements – security descriptors
Today I’m starting a series of blog posts where I will explore new features we have added to PowerShell PKI module, version 3.7. First post is dedicated to security descriptors. Major changes in PSPKI Within PSPKI module, we had an ability to manage security descriptors (access control lists) for Certification Authority can certificate template objects.…
Read MoreAnnouncing the Online PKI Assessmental Portal
I am extremely proud to announce that today we have launched our Online PKI Assessment Portal. This new service is the first of its kind to offer online, automated, self-paced review and assessments of Microsoft ADCS based PKIs. We have been performing onsite PKI Assessments for customers for years now. Typically focused on the design,…
Read More