Open breachr opened 9 months ago
This is mostly because the certificate template you are using is not enabled. Run the certipy find command again with -enabled to get only enabled certificates.
thanks for the reply, but it says:
Enabled : True
doesnt that mean its enabled?
Had a similar Issue, for me it has been an error with how certipy changed the certificate. Try to request the cert manually through the UI if you have access to a Domain joined computer to see what exactly the error is.
If you do not have access, in my case I could not select a CSP so something was wrong there.
What I did was: Make a copy of the old cert template, run the ESC4 command again (to export the changed template) and then edit the CSP field to the original one. Then we use the command that would be used to restore the backup with our edited file. For me it worked, because a CSP was selected afterwards and I could proceed.
Thanks alot for the response! Sounds like that could work. I will have access to this system in some months and will re-test it then and report back!
same issue. Also, tried on the windows side, from a domain joined computer, through certmgr, I receive the following error: An error occurred while enrolling for a certificate. A certificate request could not be created. Url: test.local\test-ca Error: No provider was specified for the store or object (CRYPT_E_NO_PROVIDER). Could have something to do with the CSP, but how can that be specified?
same problem CERTSRV_E_UNSUPPORTED_CERT_TYPE
amazing tool! but somehow i cant get this working. im not sure what the problem is, maybe the space in the CA Name?
find had some problems aswell but got me the templates and CA info in the end: