It's more common to skip the user interface (which might not receive fast updates), and use PowerShell with certreq
to achieve all advanced settings.
You can find a sample from here and modify it based on your own requirements.
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
I have been trying to create server certificates that are SHA256 and keep getting SHA1 results.
Using the MMC in the CSR wizard (from right clicking in the certificate store, then selecting Tasks -> Advanced Operations -> Create Request). The Before you begin window shows and select next. The problem comes when the Custom Request window is displayed. I found a "how to" but in the Template box on the "how to" it said No Template. When I do this on my servers I get the attached options.
Which of these options should I use to create a SHA256 CSR for the server for RDP purposes and which option should I select for a SHA256 CSR for a URL (Note: Web Server is not creating a SHA256 CSR).
Side Question: Is there a way to "force" Win2k16SVR to automatically generate SHA256 certificates via the registry or remove SHA1 as an option to the system?
The reason I ask is our CSR script defaults to SHA1 which is no longer acceptable so we would like to continue using the script but have SHA256 be the default. I know this can be done on a AD server but can this be forced on a member server?
It's more common to skip the user interface (which might not receive fast updates), and use PowerShell with certreq
to achieve all advanced settings.
You can find a sample from here and modify it based on your own requirements.