Closed securitytime closed 10 months ago
Certipy uses LDAPS by default, you can switch to LDAP with -scheme or -ldap-scheme. Alternatively you must request a certificate for server authentication for your domain controller. It fails because the domain controller doesn't have a certificate to use. Log on to the DC as domain admin, then search for Computer Certificates and follow the guide to request a new certificate. Choose the Domain Controller option
Thanks for your detailed explanation! The switch -scheme ldap helped.
I used Certipy against a few HTB machines without any issues. Now I setup my own Windows server 2019 VM and I'm getting the following error:
The Windows server 2019 installation is pretty straightforward. I used the 180 days evaluation ISO, installed all Windows patches, then I added Active Directory Domain Services and then I added Active Directory Certificates Services (here I selected Certification Authority role and later Enterprise CA). To install certipy, I ran ./venv/bin/python -m pip install certipy-ad bloodhound.py works fine.