How to install the response from a CA programmatically (PowerShell)

Hi all,   The other day a customer of mine was creating a SSL certificate request with IIS Manager (inetmgr.exe) with “Create Certificate Request…” action in the Server Certificates section. He was sending that request to a Certificate Authority, and he wanted to programmatically install the .cer file with the response from the CA the…


How to add Issuer Alternative Name to your certificate request (C#)

Hi all,   A customer of mine wanted to set Issuer Alternative Name (XCN_OID_ISSUER_ALT_NAME2 – “2.5.29.18”) extension to his certificate requests in C# in the same way we did this, and he didn’t know how: How to add Subject Alternative Name to your certificate requests (C#) How to add Alternative Directory Name to your certificate…


How to export our enrolled certificates programmatically

Hi all,   If you are creating certificate requests to enroll certificates programmatically and using a code like the following: How to create a certificate request with CertEnroll and .NET (C#), you may need to export the enrolled certificate after you get the response from the Certificate Authority. You may export the certificate and its…


How to access Certificate Enrollment Web Services from non-domain joined computers

Hi all,   You may know already this white paper to configure the Certificate Enrollment Web Services: Certificate Enrollment Web Services in Windows Server 2008 R2 ” This paper explains how certificate enrollment Web services work in Windows Server 2008 R2. It also provides deployment guidance for certificate enrollment Web services in new and existing…


How to add Friendly Name to your enrolled certificates programmatically

Hi all,   One of my customers was creating certificate requests programmatically with CertEnroll and a code like the following: How to create a certificate request with CertEnroll and .NET (C#). He wanted to set Friendly Name for the enrolled certificate. Friendly Name is a property (and not an extension of the certificate) that can be…


How to add Alternative Directory Name to your certificate request (C#)

Hi all,   We’ve already seen How to add Subject Alternative Name to your certificate requests (C#). What if we want to set Alternative Directory Name (XCN_CERT_ALT_NAME_DIRECTORY_NAME) in addition to Subject Alternative Name (XCN_CERT_ALT_NAME_RFC822_NAME)?   The interface we use for the alternative names has different methods that we can use depending on the value we…


How to add Subject Alternative Name to your certificate requests (C#)

Hi all,   The other day a customer of mine wanted to add Subject Alternative Name (szOID_SUBJECT_ALT_NAME2 – “2.5.29.17”) extension to his certificate requests in C# and he didn’t know how. We have IX509ExtensionAlternativeNames interface for that, and a C++ sample can be found here: enrollCustomPKCS10 “When you install the Microsoft Windows Software Development Kit…