Hi, I am a beginner when it comes to certificates so any guidance would be helpful.
We are setting up PKI certificates to use with Configuration Manager 2012 sp1.
We have created a new web server, workstation and client authentication certificate in the CA in a particular domain.
When we to go to the CA server web site and request a new cert, we don't see our Config Manager Client cert template shown.
What allows the template to show up in the list like that shown in the image below? We can see the other templates we created but not the one we are wanting.
Also, I want that same config manager client cert to be on all workstations including in the CA domain, a trusted DOMAIN2 and an untrusted domain? What is the best way to get this client cert to the second trusted domain2 and the untrusted domain?
We tried to create a INF like this...
;---------------CertificateRequestTemplate.inf--------------
[NewRequest]
Subject="CN=machine.domain.local"
KeySpec=1 ;key exchange
KeyUsage=0xf0
MachineKeySet=TRUE
[RequestAttributes]
CertificateTemplate=ConfigManagerClient
and run the following commands on a machine in the trusted DOMAIN2
CertReq -New -f certificaterequesttemplate.inf machinename.domain.req
CertReq -Submit -f -config caCertServerName machinename.domain.req machinename.domain.cer
certreq -accept machinename.domain.cer
But it says it cant find a template named ConfigManagerClient? Is it looking in the DOMAIN2 CA for this template?
Thanks
Thanks Lance