Add the ESC1 certificate template
This commit is contained in:
parent
a88751167b
commit
8258657a45
|
@ -0,0 +1,27 @@
|
|||
---
|
||||
# Creates a template that will be vulnerable to ESC 1 (subject name supplied in
|
||||
# the request). Fields are based on the SubCA template. For field descriptions,
|
||||
# see: https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-crtd/b2df0c1c-8657-4684-bb5f-4f6b89c8d434
|
||||
showInAdvancedViewOnly: 'TRUE'
|
||||
# this security descriptor grants all permissions to all authenticated users
|
||||
nTSecurityDescriptor: D:PAI(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;AU)
|
||||
flags: 0
|
||||
pKIDefaultKeySpec: 2
|
||||
pKIKeyUsage: !binary |-
|
||||
hgA=
|
||||
pKIMaxIssuingDepth: -1
|
||||
pKICriticalExtensions:
|
||||
- 2.5.29.19
|
||||
- 2.5.29.15
|
||||
pKIExpirationPeriod: !binary |-
|
||||
AEAepOhl+v8=
|
||||
pKIOverlapPeriod: !binary |-
|
||||
AICmCv/e//8=
|
||||
pKIDefaultCSPs: 1,Microsoft Enhanced Cryptographic Provider v1.0
|
||||
msPKI-RA-Signature: 0
|
||||
msPKI-Enrollment-Flag: 0
|
||||
# CT_FLAG_EXPORTABLE_KEY
|
||||
msPKI-Private-Key-Flag: 0x10
|
||||
# CT_FLAG_ENROLLEE_SUPPLIES_SUBJECT
|
||||
msPKI-Certificate-Name-Flag: 1
|
||||
msPKI-Minimal-Key-Size: 2048
|
Loading…
Reference in New Issue