Join Log in
Score:0
AUser avatar Crypto

Create a Root CA self-signed certificate using the command line

ca flag
AUser

I have Microsoft Server 2019 offline Root CA

I want to renew the Root CA certificate, but I do not want it to be used immediately (as I want to push out the new Root CA certificate to key stores on clients ahead of using it to sign Issuing CA certificate/s).

if I renew on the Microsoft Certification Authority GUI tool (the standard one that is installed when you install the CA) the certificate immediately shows up in the configuration under the Properties section and is used to sign any new certificates.

The question is can I create from the command line (rather than the GUI) using guilt in command and tools like

https://docs.microsoft.com/en-us/powershell/module/pki/new-selfsignedcertificate?view=windowsserver2022-ps

Whereby it is not active right away until I import it later?

27
0 + 0
pki
Maarten Bodewes avatar
in flag
Maarten Bodewes
Hi AUser, we're more about cryptographic algorithms and protocols rather than Microsoft implementation of a CA system. Would you mind if I migrate this to [su]?
1
Reply
AUser avatar
ca flag
AUser
Hi Maarten Thanks for the input, what every you think will help me if fine
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.