'How to suppress a popup window while using certreq to request a certificate from an enterprise CA?

I am trying to request a certificate from a machine that is in the same domain as our enterprise CA server. Everything is working fine but I'm one step away from making my script have zero user interaction.

I basically modified the following script to contain no parameters and removed the SAN options:

https://gallery.technet.microsoft.com/scriptcenter/Request-certificates-from-b6a07151

After the following command to create a new request from an .inf file, I get a popup window:

Invoke-Expression -Command "certreq -new `"$inf`" `"$req`""

Machine context template conflicts with user context.

When I click OK, everything works fine. A new request gets created and rest of the script works fine. But I can't find a way to click "OK" programmatically.

certreq tool does have the -q (to suppress interactive prompts) and -f (to force/bypass things) but none of those work.

certreq -new -q $inf $req OR using both -q and -f results in:

Active Directory Enrollment Policy
  {<GUID>}
  ldap:
Machine context template conflicts with user context.
Certificate Request Processor: The specified role was not configured for the application 0x8004e00c (-2147164148 CONTEXT_E_ROLENOTFOUND)

I am pretty much stuck here. Any help would be appreciated!

powershellcertificatepopupwindowcacertreqrust


Solution 1:[1]

Answer to your question should be changing param in Request-Certificate.ps1. Take a look at inf file for generating request and check MachineKeySet param. Default is false and prompt:

Machine context template conflicts with user context.

appers when template is of kind Machine. When you switch it to true ale use User template there is opposite prompt:

User context template conflicts with machine context.

Solution 2:[2]

For people who come here to suppress the prompt to select a CA, add -config <FQDN_OF_CA>\<LOGICAL_NAME_OF_CA> to your CertReq command.

Solution 3:[3]

HashMap.get returns Option<&Ihello> which means that the result could be either Some value Ihello or None(If the key does not exists). So one solution is to destructure the Option using if let statement.

let hello: Option<&Ihello> = mapp.get(&hello_string);
if let Some(val) = hello {
    println!("{}", val()); // calling the function here
} else {
    println!("Key is missing!");
}

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Krzysztof Gapski
Solution 2 stackprotector
Solution 3

Related Questions

Creating/Duplicating a Certificate Template with Powershell

Creating/Duplicating a Certificate Template with Powershell

Creating/Duplicating a Certificate Template with Powershell

New-ExoPSSession: Index was out of range

PowerShell Cannot dot-source this command because it was defined in a different language mode

How do I get only directories using Get-ChildItem?

Powershell - windows hard-disk health status is giving inconsistent results

The term 'AzCopy' is not recognized as a name of a cmdlet, function, script file

check if an string exists in a list of strings, using powershell

Can Powershell Run Commands in Parallel?

How can ensure that a function only accepts a positive integer?

Powershell: Two dimension arrays

PowerShell and process exit codes

PowerShell Script to set the size of pagefile.sys

Trying to install Angular 2 Material from npm - unrecognized token in source text