Posted by Last week, I was getting a Web server certificate in our PKI environment for our new WSUS deployment. When submitting my csr file with the web server template, I faced some dumb error which has cost me some hours. So maby i can short your troubleshooting with this write.
My faulty command:
|
1 |
certreq -submit -attrib "CertificateTemplate:Web Server V2" certreq_new_wsus.csr |
The fault: you must use the CN of the template (no space name) rather than the Display Name (with spaces).
Working command:
|
1 |
certreq -submit -attrib "CertificateTemplate:WebServerV2" certreq_new_wsus.csr |
thanks! we were going round and round with the same error. We thought it was due to the CA computer account not having read access to the specific template (as suggested by numerous other sites), but Auth Users was listed with Read access. We couldn’t figure out why we couldn’t enroll for a cert. This tip resolved it and probably saved us hours of troubleshooting!
Same for me, haha. Glad I could help.
Thank You! Save lots of time of chasing permissions and Server Settings.
Thank you! had this problem, spent a couple of hours troubleshooting and searching online with no solution and was getting really frustrated. Finally stumble on this page and of course it was the right answer. Big relief.
Thank you. I was hitting this problem and the error was not helpful at all.
finally got a solution. Thanks