CSR Generation: Using certreq (Windows) - Powered by Kayako Help Desk Software


	Live Chat by LivePerson

News

Knowledgebase

CSR Generation: Using certreq (Windows)

This article is for administrators who prefer the command shell!

Save the following file as request.inf on your server editing the subject according to the comment:

;----------------- request.inf -----------------

[Version]
Signature="$Windows NT$"

[NewRequest]
;Change to your,country code, company name and common name
Subject = "C=US, O=Example Co, CN=something.example.com"

KeySpec = 1
KeyLength = 2048
Exportable = TRUE
MachineKeySet = TRUE
SMIME = False
PrivateKeyArchive = FALSE
UserProtected = FALSE
UseExistingKeySet = FALSE
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
ProviderType = 12
RequestType = PKCS10
KeyUsage = 0xa0
HashAlgorithm = SHA256

[EnhancedKeyUsageExtension]
OID=1.3.6.1.5.5.7.3.1 ; this is for Server Authentication / Token Signing
;-----------------------------------------------

then run

C:\>certreq -new request.inf request.csr

Certificate Installation: Using certreq (Windows)

How to enable LDAP over SSL with a third-party certification authority (support.microsoft.com)

Certreq (technet.microsoft.com)

31337

(462 vote(s))

Helpful

Not helpful

Comments (1)

Namecheap Support

December 23 2016 03:49

According to https://technet.microsoft.com/en-us/library/dn296456(v=ws.11).aspx 'HashingAlgorithm' key does not exist. But there is 'HashAlgorithm' parameter though. Please correct the parameter name in the article.

Help Desk Software by Kayako

This article is for administrators who prefer the command shell!

Related Articles