How to request a SAN certificate using MS CA Web enrollment Pages

Works like charm

Ammar Hasayen - Blog

1. Run those commands on the CA server

certutil -setreg policyEditFlags +EDITF_ATTRIBUTESUBJECTALTNAME2
net stop certsvc
net start certsvc

2. In the Attributes box, type the desired SAN attributes. SAN attributes take the following form:[&]

For example : To add two DNS names to the SAN field , you can type :

Note : Some services requires that the Subject name of the certificate , is also the first entry of the SAN certificate extension . Suppose you are issuing a certificate for Exchange OWA , and you need to include the internal and external URL in one certificate with SAN field . The subject of the certificate will be ( and the SAN field will be (,

View original post


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s