How to include Request email in SSL certificate template?

Question

I copied the default "web server" template as my SSL template for cooperate server. When the server admin requests the cert in certlm.msc by click "Request a certificate", the admin can enter the required SAN name and etc. However I found the attribute "Request.Email" is empty in the request and there is no option for admin to enter it. The reason why I need this attribute to be populated is because I want to use it to send out email notification when the cert is about to be expired.

As temp solution, I have to ask the server admin to send the csr file and I use certreq to sign csr file by passing value to Request.Email attribute. However this is not a good method. I want to make Request.Email as a mandatory option so the admin must fill it in when requesting the cert. I assume this should be done in cert template but how?

Thanks in advance.

Answer 1

Hello @J. L

Thank you for your post.

I would like to know if there is any chance to give more details where this is hosted like for instance, if it is on-premises or Azure Cloud and so on....

On the meantime, I would like to give you the next article that might be helpful for this case scenario

https://www.altaro.com/hyper-v/windows-ssl-certificate-templates/

Is there is any chance to gather the SSL template stated previously?

Is this a Self-Signed certificate or Root CA one?

Looking forward to your feedback.

Cheers,

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

Answer 2

The question is very clear how to make requester email as mandaroty attribute in SSL cert template. So it is not a self-signed neither a root CA. risolis is either not reading the question well or lack of basic PKI knowledge