Using powershell to automate remote login using TLS certs with AWS Managed AD CS

James Shaw 6

So I am trying to achieve remote logins via powershell using certs from an AWS Managed AD Certificate Service but I am struggling on where to go or how to achieve this.

I will be remote logging from my own work laptop into domain joined servers, I have the certificate service/authority setup but I am not sure where to go next from here and wondering if anyone could help with a few pointers? I am new to this and tried going through their docs but they seem overly complicated.

Would I need to somehow store the cert/s use for remote logging on my own machine? Or will storing them on the servers I want to remote login to work?

Is it even possible to request a cert from ad remotely to be used for remote logging in?
Is there anything else I possibly need to think about around this?

Any advice or pointers would be much appreciated.

I have tried doing this locally, with a server not on the domain and can do it this way, although I need to generate the cert on the server itself first then use its thumbprint to connect.

I have also setup the certificate services for Managed AD but stuck on where to go next.

James Shaw 6 Reputation points

2022-12-09T14:02:36.477+00:00

So I have set up a GPO to auto enroll certificates to machines on the domain, but still need a bit of guidance as to what certs and how to request them remote so they get pushed out to machines to be used for remote logging.