Can't get HTTPS up and running

And you will! :smiley:

I will try ASAP to clone this experience in my homelab. That’ll take a bit though :smiley:

I’m working with @jan to get my pull request committed into the main documentation branch.

For now, you can find the notes I wrote about the whole certificates hullabaloo over here ->



A colleague managed to get the template configured properly. This required restarting the PKI a couple of times as well.

I could then proceed to submit a CSR created on the Linux command line via the web interface.
And now it works. With the configuration being identical to what I did before. :crazy_face:
Damn you “historically developed structures”

Why didn’t I think of simply smacking the PKI on the back of its head? Sheeesh…

I am deeply sorry for keeping you occupied that long when I should have switched it off and on again. :sweat:

On the plus side, and thanks to you, Tess, there is now very comprehensive documentation on how to do the TLS setup when there is a Windows PKI involved.
This will surely be helpful to many an admin having trouble getting things up and running in the future!

Restarting is not required. However, it takes a while for the new template to percolate through AD and its synchronizations. But no, a restart of ADCS is not needed :slight_smile:

And no worries! I’m glad that I could help! I love PKI and certs; honestly, I think it’s a fun and challenging part of the infrastructure to work with! Give me budget to build a cool env and throw in a few HSMs for good measure :heart_eyes_cat:

