Certificate Management - Microsoft CA - Routing Policy - CredSSP alternatives?

Marcio Olivieri
Tera Expert

Hello everyone. 

 

When using the Certificate Management module for Microsoft CA Servers to automate the request flow for new/renew certificates, there is an OOB flow action called Request/Renew Microsoft Certificate (requestrenew_microsoft_certificate) that is triggered by the routing policy, once a request is created. This action has a PowerShell step that specifies "CredSSP" authentication:

 

Invoke-Command -ComputerName $computer -credential $cred -Authentication CredSSP -ScriptBlock

 

In our environment, CredSSP is disabled due to security concerns, so the action above fails.

Did anyone face similar issue or managed to fix it? Thank you.

1 ACCEPTED SOLUTION

Nope, but I managed to make it functional by editing the OOB script and changing like below:
Invoke-Command -ComputerName $computer -credential $cred -Authentication Negotiate -ScriptBlock

View solution in original post

2 REPLIES 2

KarishmaN
Tera Contributor

Did you receive an answer to this?

Nope, but I managed to make it functional by editing the OOB script and changing like below:
Invoke-Command -ComputerName $computer -credential $cred -Authentication Negotiate -ScriptBlock