Request SSL certificate for Linux machine from Microsoft Certification Authority

Posted: February 14, 2020 in Windows Server

Creating certificate request

  1. “Certificate Signing Request” (CSR) is generated using the public key and some information about the identity.
  2. The certification authority uses information from the CSR, its own public key, authorization information, and a “signature” generated by its private key to issue a certificate.

On linux machine, create certification request including subject alternate name:

openssl req -new -sha256 -nodes -days 1095 -out \nagios.csr -newkey rsa:2048 -keyout \nagios.key -config <(                            
cat <<-EOF
[req]
default_bits = 2048
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn
[ dn ]
C=SR
L=Zemoon
CN = nagios.test.com
[ req_ext ]
subjectAltName = @alt_names
[ alt_names ]
DNS.1 = nagios.test.coml
IP.1 = 192.168.1.102
EOF
)

Transfer csr file to Windows Issuing Certificate Authority

On CA, list available templates:

Get-CATemplate

Generate certificate

certreq -submit -attrib "CertificateTemplate:template_name"

You’ll be prompted for csr file

Then select certification authority

Certificate will be created with cer extension

Now move file to linux system and copy cer and key files to path specified in configuration files

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s