W
Wayne Harris
Creating a hands off PKI install.
And Enterprise Root CA.
I need to set the DN to the following.
O=Parent Company
OU=Child Company
C=US
Somehow, i seem to only be able to set the CA's name. not the
Distinguished name. If I build the CA by hand, of course i can type
it in. But the automatic version of this seems to be tricky.
Here is my unattend.inf file:
[components]
certsrv=on
CertSrv_Server=on
CertSrv_Client=on
[Certsrv_Server]
CAType=EnterpriseRoot
CSPProvider="Microsoft Strong Cryptographic Provider"
HashAlgorithm=SHA1
KeyLength=2048
Locality="US"
Name="XYZ Corp Experimental CA R3"
Organization="Parent Corporation"
OrganizationUnit="Child Corp"
SharedFolder=c:\cainstall
UseSharedFolder=Yes
ValidityPeriod=5
ValidityPeriodUnits=Years
Here is my reference:
http://technet2.microsoft.com/windo...bc6f-411d-96a7-6cd0587c1dd91033.mspx?mfr=true
I am using the following command prompt to launch it.
sysocmgr /i:sysoc.inf /u:c:\cainstall\unattend.inf
Anyone ever set the CA's DN from an unattended install? if so, how?
-Wayne
wayne_a_harris@hotmail.com
And Enterprise Root CA.
I need to set the DN to the following.
O=Parent Company
OU=Child Company
C=US
Somehow, i seem to only be able to set the CA's name. not the
Distinguished name. If I build the CA by hand, of course i can type
it in. But the automatic version of this seems to be tricky.
Here is my unattend.inf file:
[components]
certsrv=on
CertSrv_Server=on
CertSrv_Client=on
[Certsrv_Server]
CAType=EnterpriseRoot
CSPProvider="Microsoft Strong Cryptographic Provider"
HashAlgorithm=SHA1
KeyLength=2048
Locality="US"
Name="XYZ Corp Experimental CA R3"
Organization="Parent Corporation"
OrganizationUnit="Child Corp"
SharedFolder=c:\cainstall
UseSharedFolder=Yes
ValidityPeriod=5
ValidityPeriodUnits=Years
Here is my reference:
http://technet2.microsoft.com/windo...bc6f-411d-96a7-6cd0587c1dd91033.mspx?mfr=true
I am using the following command prompt to launch it.
sysocmgr /i:sysoc.inf /u:c:\cainstall\unattend.inf
Anyone ever set the CA's DN from an unattended install? if so, how?
-Wayne
wayne_a_harris@hotmail.com