January 2013 – Page 2 – ddamir's technical blog

SAN in certificates–might be useful

From time to time, I found my self searching through my own blog site (the old one) for this information. So, if you ever need to configure Windows Server 2003 or 2008 to issue certificates with subject alternative names, you will need to execute following commands on CA computer:

certutil -setreg policy\EditFlags +EDITF_ATTRIBUTESUBJECTALTNAME2
net stop certsvc
net start certsvc

After this, your CA will be capable to issue certificates with SANs. You can do it by sending req file to CA, or by using web console. If you are using a web console, choose to perform advanced certificate request, and then in Attributes field enter alternative names in format :

san:dns=dns.name[&dns=dns.name]

For example: san:dns=exchange.domain.com&dns=autodiscover.domain.com

Posting from mobile

Just found that Windows phone and other mobile platforms have pretty decent wordpress client software. With prediction turned on,it seems pretty easy to post things here. Even with pictures :).

Hopefully, there is also a decent tablet version…

Moving to a new blog….

Hi all,

At the beginning of the year 2013, I’ve decided to make two changes in my publishing activities. First, I’m moving to a new blog engine. Reason for that is pretty simple – current mscommunity.ba platform is pretty old, outdated and we plan to replace it soon. Also, I’ve switched to English language to increase usability and visibility. Some posts, directed only to Bosnian readers still might apper in Bosnian language. As usual, I will continue to write about Windows Server, Exchange Server and similar ITPro technologies, as well as about Microsoft Learning.

My old posts (in Bosnian) will be available at old location : www.mscommunity.ba/blogs/ddamir.

Happy New Year to all of you!