If you want to secure Exchange 2010 with SSL you can have your own Enterprise CA issue a certificate.
However when you try to issue it with the CA MMC, you may receive this error message:
Certificate Request Processor
The request contains no certificate template information. 0x80094801 (-2146875391)
The trick is to use the certreq command-line tool instead. Here is a example of the syntax:
certreq -submit -attrib "CertificateTemplate: WebServer" WebServerCertReq.txt
where WebServerCertReq.txt is the name of the request file from your Exchange certificate.
Thanks to David Rawling and his excellent "Deliberations from Dave" blog. Here is a link to his original post: http://pdconsec.net/certificates-the-request-contains-no-certificate-template.aspx
To generate a CSR from openssl on Linux use this command line:
openssl req -new -newkey rsa:2048 -nodes -out csr_request.csr -keyout privatekey.key -subj "/C=CA/ST=QC/L=MONTREAL/O=domain.com/OU=HEAD OFFICE/CN=host.domain.com"
where:
csr_request.csr: the name of the CSR file generated
privatekey.key: the name of the private key file generated
/C= : country code
/ST : state or province code
/L= : city
/O= : Organisation
/OU= : Organisational Unit
/CN= : The URL you use to access the web server
Subscribe to:
Post Comments (Atom)
6 comments:
Thank you ...This post helped me to fix my issue as well.
Thanks, the certreq command line worked when all else failed!
thanks mate, helpful information.
Wow, saved me a lot of trouble :D
It works!
Thanks a lot man,You saved my life!
Even more useful method then technet soloution!!
you are the best! thank you, it's helped.
Post a Comment