Request SSL certificate for Linux machine from Microsoft Certification Authority

Posted: February 14, 2020 in Windows Server

Creating certificate request

  1. “Certificate Signing Request” (CSR) is generated using the public key and some information about the identity.
  2. The certification authority uses information from the CSR, its own public key, authorization information, and a “signature” generated by its private key to issue a certificate.

On linux machine, create certification request including subject alternate name:

openssl req -new -sha256 -nodes -days 1095 -out \nagios.csr -newkey rsa:2048 -keyout \nagios.key -config <(                            
cat <<-EOF
default_bits = 2048
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn
[ dn ]
CN =
[ req_ext ]
subjectAltName = @alt_names
[ alt_names ]
DNS.1 = nagios.test.coml
IP.1 =

Transfer csr file to Windows Issuing Certificate Authority

On CA, list available templates:


Generate certificate

certreq -submit -attrib "CertificateTemplate:template_name"

You’ll be prompted for csr file

Then select certification authority

Certificate will be created with cer extension

Now move file to linux system and copy cer and key files to path specified in configuration files

  1. LittleJim says:

    You say;



    certreq -submit -attrib “CertificateTemplate:template_name”

    Which template? Just pick any random one?


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s