From 081690f935bd152a90b3f82b6aadd6c2d00a2cf1 Mon Sep 17 00:00:00 2001 From: Craig Benner Date: Wed, 28 Jun 2017 10:21:10 -0400 Subject: [PATCH] certRequest.inf --- roles/ActiveDirectory/files/certRequest.inf | 33 +++++++++++++++++++++ roles/ActiveDirectory/files/v3ext.txt | 3 ++ 2 files changed, 36 insertions(+) create mode 100644 roles/ActiveDirectory/files/certRequest.inf create mode 100644 roles/ActiveDirectory/files/v3ext.txt diff --git a/roles/ActiveDirectory/files/certRequest.inf b/roles/ActiveDirectory/files/certRequest.inf new file mode 100644 index 0000000..c91eb49 --- /dev/null +++ b/roles/ActiveDirectory/files/certRequest.inf @@ -0,0 +1,33 @@ +;----------------- request.inf ----------------- + +[Version] + +Signature=$Windows NT$ + +[NewRequest] + +Subject = "CN=develop-dc-01.develop.local" ; replace with the FQDN of the DC +KeySpec = 1 +KeyLength = 2048 +; Can be 1024, 2048, 4096, 8192, or 16384. +; Larger key sizes are more secure, but have +; a greater impact on performance. +Exportable = TRUE +MachineKeySet = TRUE +SMIME = False +PrivateKeyArchive = FALSE +UserProtected = FALSE +UseExistingKeySet = FALSE +ProviderName = "Microsoft RSA SChannel Cryptographic Provider" +ProviderType = 12 +RequestType = PKCS10 +KeyUsage = 0xa0 + +[EnhancedKeyUsageExtension] + +OID=1.3.6.1.5.5.7.3.1 + +;[Extensions] +;OID=1.3.6.1.5.5.7.3.1 + +;----------------------------------------------- diff --git a/roles/ActiveDirectory/files/v3ext.txt b/roles/ActiveDirectory/files/v3ext.txt new file mode 100644 index 0000000..bcf595a --- /dev/null +++ b/roles/ActiveDirectory/files/v3ext.txt @@ -0,0 +1,3 @@ + keyUsage=digitalSignature,keyEncipherment + extendedKeyUsage=serverAuth + subjectKeyIdentifier=hash -- GitLab