Categories
Development System & Network

Incorrect Subject field in Certificate

I used the certreq command utility (certreq -new) to generate a csr from an .inf file which I sent to an intermediate CA to be signed, using certreq -submit.

For some reason the “Issued to” field under the General tab, and the “Subject” field under the details tab has my domain user name instead of the machine FQDN (specified on the subject line in the .inf).

I am doing this to replace the self-signed RDP cert on the machine with a certificate that is signed by our CA. I understand that this can be done using GPO & by creating an RDP template, but for testing purposes I need to make sure it works on this server first and using these commands.

The Server OS is Windows Server 2016 Standard. I am running the commands from an elevated PowerShell console.

Below is the .inf file I am referencing along with the commands I am using. I appreciate any insight on this!

;—————– request.inf —————–

[Version] Signature=”$Windows NT$”

[NewRequest] Subject = “C=US, ST=Florida, L=Orlando, O=Disney World, CN=RDPSSL-TEST.Disney.com”

KeySpec = 1 KeyLength = 2048 Exportable = TRUE

MachineKeySet = TRUE

SMIME = False

PrivateKeyArchive = FALSE UserProtected = FALSE UseExistingKeySet = FALSE

ProviderName = “Microsoft RSA SChannel Cryptographic Provider” ProviderType = 12

RequestType = PKCS10

KeyUsage = “CERT_DIGITAL_SIGNATURE_KEY_USAGE | CERT_KEY_ENCIPHERMENT_KEY_USAGE”

HashAlgorithm = SHA256

[EnhancedKeyUsageExtension] OID=1.3.6.1.4.1.311.54.1.2 ; this is for Remote Desktop Authentication

[RequestAttributes] CertificateTemplate= DisneyRemoteDesktop

;———————————————–

certreq -new request.inf cert.req

certreq -submit cert.req certnew.cer certnew.pfx

Leave a Reply

Your email address will not be published. Required fields are marked *