GoateePFE / ADCSTemplate

A PowerShell module for exporting, importing, removing, permissioning, and publishing Active Directory Certificate Templates. It also includes a DSC resource for creating AD CS templates using these functions. This was built with the intent of using DSC for rapid lab builds. It could also work in production to move templates between AD CS environments.
MIT License

New-ADCSTemplate creates something weird #10

Open jakko10 opened 4 years ago

jakko10 commented 4 years ago

Hi,

Here is my issue: I create a template, then: Export-ADCSTemplate -DisplayName "Web Server Template" > .\webservertemplate.json

After that, I delete the template from the server and run: New-ADCSTemplate -DisplayName 'Web Server Template' -JSON (Get-Content .\webservertemplate.json -Raw) -Identity "Contoso\DC$"

Then I issue the certificate. All good so far. But when I now request this certificate and try to enroll it, I get:

Active Directory Certificate Services denied request 11 because The requested certificate template is not supported by this CA. 0x80094800 (-2146875392 CERTSRV_E_UNSUPPORTED_CERT_TYPE). The request was for CONTOSO\DC$. Additional information: Denied by Policy Module 0x80094800, The request was for a certificate template that is not supported by the Active Directory Certificate Services policy: 1.3.6.1.4.1.311.21.8.9859221.16429217.5656198.9359005.7585435.138.94555984.49861486.

Certificate enrollment for Local system failed to enroll for a WebServerTemplate certificate with request ID 11 from dc.Contoso.Azure\Contoso Certificate Authority (The requested certificate template is not supported by this CA. 0x80094800 (-2146875392 CERTSRV_E_UNSUPPORTED_CERT_TYPE)).

I guess something gets broken during this export/import.
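A read-only check for the state reported above, added here as an example and not part of the original post or of the ADCSTemplate module: it compares the template OID named in the denial message with what the re-imported template object carries in AD, whether that OID is registered in the OID container, and whether each CA lists the template as published. It assumes the ActiveDirectory (RSAT) module and read access to the configuration partition; the variable names are illustrative.

```powershell
# Added diagnostic example; assumes the ActiveDirectory (RSAT) module is installed.
Import-Module ActiveDirectory

# Values copied from the post above: the template display name and the
# template OID quoted in the policy-module denial message.
$DisplayName = 'Web Server Template'
$DeniedOid   = '1.3.6.1.4.1.311.21.8.9859221.16429217.5656198.9359005.7585435.138.94555984.49861486'

$configNC = (Get-ADRootDSE).configurationNamingContext
$pkiBase  = "CN=Public Key Services,CN=Services,$configNC"

# 1. Template object(s) carrying this display name and the OID stored on each.
$templates = @(Get-ADObject -SearchBase "CN=Certificate Templates,$pkiBase" `
    -LDAPFilter "(&(objectClass=pKICertificateTemplate)(displayName=$DisplayName))" `
    -Properties 'displayName', 'msPKI-Cert-Template-OID')

# 2. Is the OID from the denial message registered in the forest's OID container?
$oidObjects = @(Get-ADObject -SearchBase "CN=OID,$pkiBase" `
    -LDAPFilter "(msPKI-Cert-Template-OID=$DeniedOid)" -Properties 'displayName')

# 3. Enrollment services (CAs) and the template names each one publishes.
$cas = @(Get-ADObject -SearchBase "CN=Enrollment Services,$pkiBase" `
    -LDAPFilter '(objectClass=pKIEnrollmentService)' `
    -Properties 'certificateTemplates', 'dNSHostName')

if (-not $templates) {
    Write-Warning "No template object with display name '$DisplayName' was found."
}

# One row per template/CA pair so a mismatch is visible at a glance.
foreach ($t in $templates) {
    foreach ($ca in $cas) {
        [pscustomobject]@{
            TemplateCN        = $t.Name
            TemplateOid       = $t.'msPKI-Cert-Template-OID'
            OidMatchesDenial  = ($t.'msPKI-Cert-Template-OID' -eq $DeniedOid)
            DeniedOidInOidCN  = ($oidObjects.Count -gt 0)
            CA                = $ca.Name
            CAHost            = $ca.dNSHostName
            PublishedOnThisCA = ($ca.certificateTemplates -contains $t.Name)
        }
    }
}
```

A row with `OidMatchesDenial` or `PublishedOnThisCA` set to `False` shows which part of the directory state differs from what the enrolling client requested.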