Certificate Generator & Request Tool / Script

This tool was born out of my frustrations of having to pre-create certificate requests on servers without IIS or Skype for Business management tools.  A while back I posted an article that showed how to do this through Certreq.exe on any Windows workstation or server. You can see this post here: https://skype4b.uk/2015/05/05/generating-csr-using-certreq-exe/ However, I am… Read More

Advertisements

Skype for Business Certificate Requirements (The Definitive Guide)

I wanted to address this topic because it appears to be cropping up on TechNet regularly. In this post we will discover what is and is not supported, what certificates we need for each server and their requirements. Before we start delving into the details, it is important to understand from the outset that Skype… Read More

ADFS Multifactor Authentication – Not Good for Office 365

Continuing down the road for implementing ADFS Multi-factor Authentication (MFA) using PKI I have come across a few issues and a major show stopper when implementing this for Office 365 services. I wanted to share my experience so that this you can avoid the same pain as I have been through.

Multi Factor Authentication (MFA) Using ADFS 3.0 and Certificates

I had to implement MFA using ADFS 3.0 and internally signed certificates in order to authenticate external users against Office 365 services. There were a few niggles along the way but on the whole it was a relatively easy process to complete. The design brief stated that only domain joined devices from outside the corporate… Read More

Generating CSR using Certreq.exe

I wanted to get this down on paper for reference as I seem to be doing this frequently, but not that frequent to remember each step. There are times when you need to generate a certificate signing request (CSR) on a machine without IIS installed. Examples of these are Web Application Proxy and ADFS 3.0 servers.… Read More

Forcing SSL Certificate to Associate with Server’s Private Key

Have you ever been handed a certificate exported (without the private key) from a server or directly from a CA to install on a different server than the one used to create the CSR? Whilst some IIS functions and apps allow you to use a certificate without a private key, there are others that demand… Read More