Creating a SHA256 CSR using MMC on a Domain Connected Windows 2016 Member Server

Bowman 0 Reputation points
2024-09-25T18:07:02.2866667+00:00

I have been trying to create server certificates that are SHA256 and keep getting SHA1 results.
Using the MMC in the CSR wizard (from right clicking in the certificate store, then selecting Tasks -> Advanced Operations -> Create Request). The Before you begin window shows and select next. The problem comes when the Custom Request window is displayed. I found a "how to" but in the Template box on the "how to" it said No Template. When I do this on my servers I get the attached options.
Which of these options should I use to create a SHA256 CSR for the server for RDP purposes and which option should I select for a SHA256 CSR for a URL (Note: Web Server is not creating a SHA256 CSR).
Side Question: Is there a way to "force" Win2k16SVR to automatically generate SHA256 certificates via the registry or remove SHA1 as an option to the system?
The reason I ask is our CSR script defaults to SHA1 which is no longer acceptable so we would like to continue using the script but have SHA256 be the default. I know this can be done on a AD server but can this be forced on a member server?CSR Template Options

Internet Information Services
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,113 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,565 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Lex Li (Microsoft) 5,582 Reputation points Microsoft Employee
    2024-09-25T19:58:16.9233333+00:00

    It's more common to skip the user interface (which might not receive fast updates), and use PowerShell with certreq to achieve all advanced settings.

    You can find a sample from here and modify it based on your own requirements.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.