Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Thursday, May 25, 2017 3:07 PM
I am trying to renew a certificate issued from Microsoft Certificate Authority.
I created a certificate request using certreq.exe and it is used to issue a certificate by using com api ICertRequest2.
Now I want to renew same certificate, I tried with different ways with no luck.
So please help me to create renew certificate request using certreq.exe so that I can use with same com api to renew it.
Here is inf file I tried to create renew request
[NewRequest]
Subject="CN=TestCN,O=TestOrg"
;RequestType=PKCS10
;RenewalCert="1f 00 00 00 68 d1 9e 63 ce e1 71 69 34 00 00 00 00 00 6b" ;When I tried this way it show dialog that no certificate found.
[RequestAttributes]
CertificateTemplate=WebServer
szOID_RENEWAL_CERTIFICATE= ;here tried to give old issued certificate
Friday, May 26, 2017 7:09 AM | 1 vote
Hi,
To renew an existing certificate
certreq –enroll –cert CertId [Options] Renew [ReuseKeys]
You can only renew certificates that are time valid. Expired certificates cannot be renewed and must be replaced with a new certificate.
Here an example of renewing a certificate using its serial number:
certreq –enroll -machine –cert "61 2d 3c fe 00 00 00 00 00 05" Renew
Best Regards
Cartman
Please remember to mark the replies as an answers if they help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com
Monday, May 29, 2017 1:36 PM
Thanks for your suggestion, but my requirement is little different.
I am already following a link "https://technet.microsoft.com/en-us/library/dn296456(v=ws.11).aspx"
My Requirement is to create a certificate request and dump to file, so that I can use it through com API to enroll and reenroll a certificate.
I used below command to generate certificate request
certreq.exe -new ..\..\temp\RequestConf.inf ..\..\temp\CertReq.req
The generated request works perfectly to enroll new certificate through COM APIs.
Now I want to renew it, so I make changes as specified in "https://social.technet.microsoft.com/Forums/windowsserver/en-US/1ea587c3-4e1e-435a-9b02-3ecf2d767535/use-certreqexe-to-renew-a-certificate-silently"
But when I try to create a request, it shows a dialog "No certificate found", So please provide a direction to proceed.
Tuesday, May 30, 2017 2:10 AM
Here you go !
Cheers,
Biswajit
Technical Consultant – Active Directory-Microsoft PKI-Windows 2012 R2
Linkedin:
Note: Posts are provided “AS IS” without warranty of any kind, either expressed or implied, including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.