This tool was born out of my frustrations of having to pre-create certificate requests on servers without IIS or Skype for Business management tools. A while back I posted an article that showed how to do this through Certreq.exe on any Windows workstation or server. You can see this post here: https://skype4b.uk/2015/05/05/generating-csr-using-certreq-exe/ However, I am… Read More
I wanted to address this topic because it appears to be cropping up on TechNet regularly. In this post we will discover what is and is not supported, what certificates we need for each server and their requirements. Before we start delving into the details, it is important to understand from the outset that Skype… Read More
Continuing down the road for implementing ADFS Multi-factor Authentication (MFA) using PKI I have come across a few issues and a major show stopper when implementing this for Office 365 services. I wanted to share my experience so that this you can avoid the same pain as I have been through.
I had to implement MFA using ADFS 3.0 and internally signed certificates in order to authenticate external users against Office 365 services. There were a few niggles along the way but on the whole it was a relatively easy process to complete. The design brief stated that only domain joined devices from outside the corporate… Read More
I wanted to get this down on paper for reference as I seem to be doing this frequently, but not that frequent to remember each step. There are times when you need to generate a certificate signing request (CSR) on a machine without IIS installed. Examples of these are Web Application Proxy and ADFS 3.0 servers.… Read More
Have you ever been handed a certificate exported (without the private key) from a server or directly from a CA to install on a different server than the one used to create the CSR? Whilst some IIS functions and apps allow you to use a certificate without a private key, there are others that demand… Read More