how to get a digital certificate with IUM oid?

pizhu gua 1 Reputation point
2022-08-22T07:51:40.123+00:00

win10 add a new feature named Isolated User Mode (IUM) Processes, (https://learn.microsoft.com/en-us/windows/win32/procthread/isolated-user-mode--ium--processes).
i want run a process as IUM process, but i don`t know how to apply a digital certificate with IUM oid. like this
233368-ium.png

any help will be useful to me.

I want to apply for a digital certificate for signing PE files (like EV signing). The enhanced key usage of this digital certificate must contain the OID of IUM, I don't know how to apply for this digital certificate.

Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,744 questions
Windows Hardware Performance
Windows Hardware Performance
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.Hardware Performance: Delivering / providing hardware or hardware systems or adjusting / adapting hardware or hardware systems.
1,537 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Limitless Technology 39,331 Reputation points
    2022-08-23T08:18:46.603+00:00

    Hello there,

    You can use Powershell to get the certificate.

    The msPKI-Cert-Template-OID attribute of that object contains the OID you seek.

    Get-ADObject ('CN=OID,CN=Public Key Services,CN=Services,'+(Get-ADRootDSE).configurationNamingContext) -Properties msPKI-Cert-Template-OID | Select-Object -ExpandProperty msPKI-Cert-Template-OID

    ------------------------------------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept it as an answer–