1. Create self certificate using powershell
New-SelfSignedCertificate -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.1") -KeyUsage KeyEncipherment,DataEncipherment -DnsName "*.xxx.co.id" -notAfter $([datetime]::now.AddYears(10)) -CertStoreLocation cert:\localmachine\my -FriendlyName LDAPS
2. open certificate console "certificate (local computer)"
-go to > personal > certificate > right click certificate and then click Export (chek "yes, export the privatekey")
3. at same console go to > trusted root certification authorities > certificate > right click > all tasks > import > choice certificate at above
4. open certificate console " certificate - Service (active Directory Domain Service) on local computer
> Go to NTDS\Personal > Certificates > right click > all tasks > import > choice certificate at above
No comments:
Post a Comment