Knowledgebase: CSR Generation
CSR Generation: Using certreq (Windows)

This article is for administrators who prefer the command shell!

This article is for administrators who prefer the command shell!



Save the following file as request.inf on your server editing the subject according to the comment:

;----------------- request.inf -----------------

[Version]
Signature="$Windows NT$"

[NewRequest]
;Change to your,country code, company name and common name
Subject = "C=US, O=Example Co, CN=something.example.com"

KeySpec = 1
KeyLength = 2048
Exportable = TRUE
MachineKeySet = TRUE
SMIME = False
PrivateKeyArchive = FALSE
UserProtected = FALSE
UseExistingKeySet = FALSE
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
ProviderType = 12
RequestType = PKCS10
KeyUsage = 0xa0
HashingAlgorithm = SHA256 

[EnhancedKeyUsageExtension]
OID=1.3.6.1.5.5.7.3.1 ; this is for Server Authentication / Token Signing
;-----------------------------------------------


then run

C:\>certreq -new request.inf request.csr

Related Articles

(1631 vote(s))
Helpful
Not helpful
Comments (0)