Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

dsclibrary/MEMBER_SUBCA.DSC.ps1 some of the CApolicy.inf parameters may not work #324

Closed
kungfoome opened this issue Jul 16, 2019 · 1 comment · Fixed by #326
Closed

dsclibrary/MEMBER_SUBCA.DSC.ps1 some of the CApolicy.inf parameters may not work #324

kungfoome opened this issue Jul 16, 2019 · 1 comment · Fixed by #326
Labels
bug The issue is a bug. in progress The issue is being actively worked on by someone.

Comments

@kungfoome
Copy link

kungfoome commented Jul 16, 2019
edited

LabBuilder/src/dsclibrary/MEMBER_SUBCA.DSC.ps1

Line 115 in 291e646

Contents = "[Version]`r`n Signature= `"$Windows NT$`"`r`n[Certsrv_Server]`r`n RenewalKeyLength=2048`r`n RenewalValidityPeriod=Years`r`n RenewalValidityPeriodUnits=10`r`n LoadDefaultTemplates=1`r`n AlternateSignatureAlgorithm=1`r`n"

AlternateSignatureAlgorithm should probably be 0. This can cause some issues with non windows machines. I had some issues just getting it to trust the cert on windows itself. This was on server 2016 as well.

Again, a decent config might be something like

[Version]
Signature="$Windows NT$"

[Certsrv_Server]
RenewalKeyLength=4096
RenewalValidityPeriod=Years
RenewalValidityPeriodUnits=10
AlternateSignatureAlgorithm=0
CNGHashAlgorithm=SHA256
LoadDefaultTemplates=0

this is based on the same articles in #322
@PlagueHO
Copy link
Owner

Thanks @kungfu71186 - I'll do a big batch of fixes on Thursday night (snowed under the next two nights).

@PlagueHO PlagueHO added enhancement The issue is an enhancement request. bug The issue is a bug. in progress The issue is being actively worked on by someone. and removed enhancement The issue is an enhancement request. labels Jul 16, 2019
@PlagueHO PlagueHO mentioned this issue Jul 21, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug The issue is a bug. in progress The issue is being actively worked on by someone.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

General Improvements & Fixes to DSC Configurations PlagueHO/LabBuilder
2 participants
@kungfoome @PlagueHO