diff --git a/roles/ActiveDirectory/files/certRequest.inf b/roles/ActiveDirectory/files/certRequest.inf
new file mode 100644
index 0000000000000000000000000000000000000000..c91eb4906cc2dfde7ce359a48392e180dbdd2b39
--- /dev/null
+++ b/roles/ActiveDirectory/files/certRequest.inf
@@ -0,0 +1,33 @@
+;----------------- request.inf -----------------
+
+[Version]
+
+Signature=$Windows NT$
+
+[NewRequest]
+
+Subject = "CN=develop-dc-01.develop.local" ; replace with the FQDN of the DC
+KeySpec = 1
+KeyLength = 2048
+; Can be 1024, 2048, 4096, 8192, or 16384.
+; Larger key sizes are more secure, but have
+; a greater impact on performance.
+Exportable = TRUE
+MachineKeySet = TRUE
+SMIME = False
+PrivateKeyArchive = FALSE
+UserProtected = FALSE
+UseExistingKeySet = FALSE
+ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
+ProviderType = 12
+RequestType = PKCS10
+KeyUsage = 0xa0
+
+[EnhancedKeyUsageExtension]
+
+OID=1.3.6.1.5.5.7.3.1
+
+;[Extensions]
+;OID=1.3.6.1.5.5.7.3.1
+
+;-----------------------------------------------
diff --git a/roles/ActiveDirectory/files/v3ext.txt b/roles/ActiveDirectory/files/v3ext.txt
new file mode 100644
index 0000000000000000000000000000000000000000..bcf595a2702048c8732df56869dcb3858e956cc2
--- /dev/null
+++ b/roles/ActiveDirectory/files/v3ext.txt
@@ -0,0 +1,3 @@
+ keyUsage=digitalSignature,keyEncipherment
+ extendedKeyUsage=serverAuth
+ subjectKeyIdentifier=hash