PSPKI
PSPKI copied to clipboard
Question about Submit-CertificateRequest
Does anyone have any ideas on this? I'm submitting my csr to a standalone PKI server domain joined and I am not using a template.
This works just fine: certreq -submit -config "MYPKISERVER.DOMAIN.AD\MYPKISERVER.DOMAIN.AD" "C:\scripts\csr\test.csr"
This however does not and returns a very generic error. My connection to the PKI server connects just fine as I am able to pull attributes from the $ca variable.
$ca = Connect-CertificationAuthority -ComputerName MYPKISERVER.DOMAIN.AD
$req = Submit-CertificateRequest -CA $ca -Path "C:\scripts\csr\test.csr"
I thought something was wrong with my csr but then I tested it by submitting through certreq. Here is the error CCertRequest::Submit: The parameter is incorrect. 0x80070057 (WIN32: 87 ERROR_INVALID_PARAMETER) At C:\Program Files\WindowsPowerShell\Modules\PSPKI\3.7.2\Client\Submit-CertificateRequest.ps1:71 char:5
- ... $Status = $CertRequest.Submit(0xff,$Request,$strAttribute ...
-
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- CategoryInfo : OperationStopped: (:) [], ArgumentException
- FullyQualifiedErrorId : System.ArgumentException
It seems that CSR is saved using binary encoding, not with PEM header and footer.
closed due to inactivity.