|
Posted by Wayne Harris on March 18, 2008, 9:06 am
Please log in for more thread options
> I'm trying to automate the build of a CA.
> My process works just fine, except for one small thing.
>
> In addition to the CA's CN name, =A0i would like to add the
> Distinguished Name Suffix.
> This is the X.500 distinguished name suffix that will be appended to
> the CA name.
>
> I only see the following unattended answer file settings.
>
> CAType
> =A0Specifies the type of CA to install.
> CSPProvider
> =A0Specifies the name of the Cryptography Service Provider (CSP).
> HashAlgorithm
> =A0Specifies the hash algorithm used by the CA to sign certificates.
> KeyLength
> =A0Specifies the key length for the CA.
> Name
> =A0Specifies the name of the CA.
> ParentCAMachine
> =A0Specifies the computer name with a CA that works as a parent CA with
> the current subordinate CA installation.
> ParentCAName
> =A0Specifies the parent CA name for the current subordinate CA
> installation.
> SharedFolder
> =A0Specifies the path to the folder that contains the configuration
> information for the CA.
> UseSharedFolder
> =A0Specifies whether to use the SharedFolder entry.
> ValidityPeriod
> =A0Specifies the number of periods, measured in units specified by
> ValidityPeriodUnits, for which the CA is valid.
> ValidityPeriodUnits
> =A0Specifies the units for the validity period of the CA.
>
> I find it hard to believe that this entry is not documented anwhere.
>
> Any help on Setting the DN Suffix in my unnattend.inf file?
As an update to anyone that cares, according to MS, this is simply
not possible.
"Via unattended setup in Windows 2003, there is no way to set any part
of the cert Subject other than the CN."
| 
XML Sitemap