The Insecure Wire

a network engineers perspective

Request a SAN certificate using MS CA Web enrollment Pages

1. Run these commands on the MS CA server:

certutil -setreg policy\EditFlags +EDITF_ATTRIBUTESUBJECTALTNAME2
net stop certsvc
net start certsvc

2. In the Attributes box, type the desired SAN attributes. SAN attributes take the following form:[&]

For example : To add two DNS names to the SAN field , you can type: