Certificate request not adding SAN

2017-12-01T15:17:01+00:00 April 10th, 2015|Windows|

We just installed a CA in our labs and I needed to generate a certificate with a SAN but it seemed that when I ran through the request via the web interface it just ignored the SAN attribute.

Turns out you need to configure your CA to issue Certs with SAN, it’s pretty simple, from an admin command prompt on the CA run:


certutil -setreg policyEditFlags +EDITF_ATTRIBUTESUBJECTALTNAME2
net stop certsvc && net start certsvc


After that it recognized the san attribute.

Hope it helps!