automate certificate enrollment for clients outside of AD

  • Question

  • Hi,

    I need to automate the process of issuing a certificate. Today we have a user portal (the users are clients and are not in our AD).

    After a user requests a certificate and provides all of his details (name, last, department, etc.), we go manually to our CA using the web address: https://CA-SEREVR/certsrv

    And we issue the certificate, and install it.

    After that we go and export the certificate from the server’s installed certificates and we mail the certificate to the end user.

    I already have a way of getting the requests from the portal using: ConvertFrom-Json

    So I have all the details waiting but I don’t know how to:

    1. Issue a certificate request using all the details
    2. Approve the certificate request
    3. Install the certificate
    4. Export the certificate with private key and password

    Also, I have one last thing: in the user portal I have a field that says whether this is a new certificate or an old one that needs to be renewed. If this is an old one, we create a new certificate instead, but we also need to revoke the old certificate (the ID number of the certificate to revoke is in the user portal as well).

    So in case of a renewal, I also need a way to revoke the old certificate based on its ID.


    Monday, January 5, 2015 8:14 AM
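
The four steps and the renewal case from the question above, as an added PowerShell example that is not part of the original post. The function name, the CA config string, the JSON field names (`name`, `department`, `renew`, `oldSerial`) and the assumption that the portal's certificate ID is the certificate serial number are all hypothetical; the account running it needs rights to issue and revoke on the CA.

```powershell
function New-ClientPfx {
    param(
        [Parameter(Mandatory)] $Request,                    # one object from ConvertFrom-Json
        [Parameter(Mandatory)] [securestring] $PfxPassword,
        [string] $CaConfig = 'CA-HOST\CA-Name',             # placeholder: "host\CA common name"
        [string] $WorkDir  = $env:TEMP
    )
    # Portal fields are untrusted: allow only characters that cannot add RDNs or INF syntax.
    foreach ($f in 'name', 'department') {
        if ($Request.$f -notmatch '^[A-Za-z0-9 .\-]{1,64}$') { throw "Rejected field '$f'" }
    }
    $base = Join-Path $WorkDir ([guid]::NewGuid().ToString('N'))
    $inf, $req, $cer, $pfx = '.inf', '.req', '.cer', '.pfx' | ForEach-Object { "$base$_" }
    @"
[Version]
Signature = "`$Windows NT`$"
[NewRequest]
Subject = "CN=$($Request.name),OU=$($Request.department)"
KeyLength = 2048
KeySpec = 1
Exportable = TRUE
MachineKeySet = FALSE
RequestType = PKCS10
"@ | Set-Content -Path $inf -Encoding ASCII

    certreq -new $inf $req | Out-Null                       # 1. key pair + PKCS#10 request
    if ($LASTEXITCODE -ne 0) { throw 'certreq -new failed' }
    $out = certreq -submit -config $CaConfig $req $cer | Out-String
    if ($out -notmatch 'RequestId:\s*(\d+)') { throw "Submit failed: $out" }
    $rid = $Matches[1]
    if (-not (Test-Path $cer)) {                            # pending: approve, then fetch
        certutil -config $CaConfig -resubmit $rid | Out-Null    # 2. needs CA manager rights
        certreq -retrieve -config $CaConfig $rid $cer | Out-Null
    }
    certreq -accept $cer | Out-Null                         # 3. install; binds cert to the key
    if ($LASTEXITCODE -ne 0) { throw 'certreq -accept failed' }
    $thumb = (New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $cer).Thumbprint
    Export-PfxCertificate -Cert "Cert:\CurrentUser\My\$thumb" -FilePath $pfx -Password $PfxPassword | Out-Null  # 4.
    Remove-Item "Cert:\CurrentUser\My\$thumb" -DeleteKey    # do not keep the client's key here
    if ($Request.renew) {                                   # renewal: revoke the old certificate
        if ($Request.oldSerial -notmatch '^[0-9A-Fa-f]{2,64}$') { throw 'Rejected serial number' }
        certutil -config $CaConfig -revoke $Request.oldSerial 4 | Out-Null   # 4 = superseded
    }
    Remove-Item $inf, $req, $cer
    return $pfx
}
```

Call it once per portal request after `ConvertFrom-Json`; the PFX password should reach the user by a different channel than the mailed file.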

All replies