Ever since I started tinkering with SSL and HTTPS, I have had an unnatural hankering to move over into Extended Validation. It sounded simple enough, as per these Microsoft articles here, here and here.
It’s fairly simple. Go into your Certificate Authority and create a new Issuance Policy. Make a note of the unique Object Identifier (OID); go to Group Policy, import the Root Certificate Authority .CER. Open the certificate and add the OID captured above into the certificate.
It’s that simple.
Well nearly…
…but you promised me so much?
Now you’re just being mean 
So, not quite as easy as Microsoft suggest. However, since when has that ever been the case 😛
I will look into this further.
Confessions of a Config Manager Engineer 
For personal blog just use Let’s Encrypt
LikeLike
For a personal blog, sure!
However I’d prefer to use an internal PKI for signing intranet based services.
LikeLike