Hi
Using a Server 2012R2 Active Directory infrastructure, with a Certificate Autority.
How can we create a certificate for encrypting credentials that follows:
Key Usage:
Must contain: ‘KeyEncipherment’ and ‘DataEncipherment’.
Should not contain: ‘Digital Signature’.
Enhanced Key Usage:
Must contain: Document Encryption (1.3.6.1.4.1.311.80.1).
Should not contain: Client Authentication (1.3.6.1.5.5.7.3.2) and Server Authentication (1.3.6.1.5.5.7.3.1).
I requested a certificate from the certificate-responsible person. But he had problems signing a certificate of this kind. The error he got was “Denied by Policy Module” on the template on the CA server.
Any help/tips are welcome!
brgs
Bjørn