Requesting certs with CA Certificate Manager Approval enabled

[hmhackmaster]

First of all, fantastic script! It really makes certificate tasks so much easier!

For those of us who are requesting certs against a template that has the Issuance Requirements > CA certificate manager approval option enabled, the script fails since the certificate hasn't been approved and issued by the time the script goes to retrieve it.

My attempts fail with the following output:

C:\Users\ADMINI~1\AppData\Local\Temp\TESTCERT.cer
Request-Certificate.ps1: certreq -accept command failed

Has there been any consideration on ways to work around this, either by pausing the script until the requester presses a key, running a loop to check for cert approval every 30s or allow the script to be re-run at a later time with a 'retrieve and complete issuance' switch?

I have attempted to mess around with pausing the flow and even just trying to complete the certificate issuance in the computer's certlm but, while it sees the certificates in Certificate Enrollment Requests certificate store, the retrieval option just sees them all as "Enrollment Pending" even though they have been approved for issuance by the CA.

[McFarTech]

+1 on this issue. Even though the script errors out it does create the cert in the Pending Requests. I can then go and issue and get the cert. It would just be nice for the script to not bomb out with an error just because Manager approval is needed.

[McFarTech]

@hmhackmaster Did you ever get anywhere with this issue?

[McFarTech]

I have just # line 379. This allows the script to complete without producing an error. I can live with that for now as it's typically myself requesting and approving the certificate. Be nice if there was an official fix though.

[alb147]

Hi It's been a while and I just found this script. very good work. Did anyone solve this problem? I have the same error

Thanks