Comments (9)
Hello. It seems like the server dc3 doesn't have the AD CS service installed. The request command should be run against the CA server, not the DC - unless they are the same. :-)
from certipy.
Ok - so both the req and -ca arguments should point to the CA?
ex: certipy req 'domain/usertest:redacted@ca3' -ca ca3 -template User -debug
When I try that, I get the following error:
/usr/share/Certipy# certipy req 'domain/usertest:redacted@cs3' -ca cs3 -template User
Certipy v3.0.0 - by Oliver Lyak (ly4k)
[*] Requesting certificate
[-] Got error: RequestSessionError: code: 0x80070057 - E_INVALIDARG - One or more arguments are invalid.
[-] Use -debug to print a stacktrace
from certipy.
Yes, but the -ca argument should contain the name of the CA. If you don't know the name of the CA, you can use the "find" command against the DC server
from certipy.
I know the name of the CA - its cs3.
Should the servername after the @ in the req be the CA or a DC?
from certipy.
Is that the name of the CA server or the CA? There is a difference. After the @ you should put the CA server, and in the -ca you should put the name of the CA. They are usually different. The error you see is because the certificate template does not exist or the name of the CA is not correct
from certipy.
Ok. Is there a seperate command to confirm the name of the CA?
from certipy.
The "find" command should print the name of the CAs
from certipy.
Thank you. Found it with certutil as well. I appreciate your help.
from certipy.
Great. So everything worked out? :-)
from certipy.
Related Issues (20)
- ESC4 Restore Old Configuration Not Working HOT 1
- LDAP3 not getting detected with Certipy HOT 4
- Errors when running v4.7 HOT 6
- Changing LDAP/LDAPS port in find HOT 8
- Domain Computers Can Enroll HOT 1
- Help determining if ESC8 vulnerability is false positive? HOT 5
- KDC_ERR_PADATA_TYPE_NOSUPP(KDC has no support for padata type) [Need Urgent Help] HOT 1
- auth error 1.2.840.10046.2.1 HOT 1
- pip install requires
- KB5014754 - SID Extension Policy Module HOT 1
- How to create a single one-file budled executable for Certipy ? HOT 2
- Template Names can contain / 's in the name, breaking the ability to save to disk
- Golden Certificate - Unsupported Algorithm - SHA1 HOT 1
- No module named 'pkg_resources' HOT 1
- Issues in -add-officer functionality on Windows OS HOT 5
- pip3 install certipy-ad
- Traceback
- Cryptographic API Misuse Vulnerability
- certipy is not working
- Tried to run certipy and security was alerted HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from certipy.