PSPKI icon indicating copy to clipboard operation
PSPKI copied to clipboard

Published 20 hours ago verified publisher icon PKISolutions

Question about Submit-CertificateRequest

Open odmattw opened this issue 3 years ago • 1 comments

Does anyone have any ideas on this? I'm submitting my csr to a standalone PKI server domain joined and I am not using a template.

This works just fine: certreq -submit -config "MYPKISERVER.DOMAIN.AD\MYPKISERVER.DOMAIN.AD" "C:\scripts\csr\test.csr"

This however does not and returns a very generic error. My connection to the PKI server connects just fine as I am able to pull attributes from the $ca variable.
$ca = Connect-CertificationAuthority -ComputerName MYPKISERVER.DOMAIN.AD

$req = Submit-CertificateRequest -CA $ca -Path "C:\scripts\csr\test.csr"

I thought something was wrong with my csr but then I tested it by submitting through certreq. Here is the error CCertRequest::Submit: The parameter is incorrect. 0x80070057 (WIN32: 87 ERROR_INVALID_PARAMETER) At C:\Program Files\WindowsPowerShell\Modules\PSPKI\3.7.2\Client\Submit-CertificateRequest.ps1:71 char:5

  • ... $Status = $CertRequest.Submit(0xff,$Request,$strAttribute ...
  •             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    • CategoryInfo : OperationStopped: (:) [], ArgumentException
    • FullyQualifiedErrorId : System.ArgumentException

odmattw avatar Sep 04 '20 13:09 odmattw

It seems that CSR is saved using binary encoding, not with PEM header and footer.

Crypt32 avatar Oct 08 '20 09:10 Crypt32

closed due to inactivity.

Crypt32 avatar Jun 14 '23 19:06 Crypt32