trying to set up LDAPS with Microsoft CA

Giganews Newsgroups
Subject: trying to set up LDAPS with Microsoft CA
Posted by:  Ron Proschan (RonProsch…@discussions.microsoft.com)
Date: Tue, 30 Dec 2008

We're trying to enable LDAP over SSL, using Microsoft Article 321051 and our
own Windows 2003 Server CA.  I use the inf model in that article, and when we
do the certreq -new request.inf etc., we get:

"The request contains no certificate template information. 0x80094801
(-2146875391) Denied by Policy Module 0x80094801, The request does not
contain a certificate template extension or the Certificate Template."

If we add

[RequestAttributes]
CertificateTemplate = DomainControllerAuthentication

we get:

"The DNS name is unavailable and cannot be added to the Subject Alternate
name. 0x8009480f (-214875377) Denied by Policy Module."

If we add

SAN="dns=[servername].local"

we get the same error again.

Does anyone have any idea what we're doing wrong?  Thanks very much in
advance.

Ron Proschan

Replies