Microsoft CA – create a new certificate template
The creation of a certificate template is a basic administration task for a CA admin. To create a new template, open the CA management console and manage the available certificate templates
Next, select a base template and duplicate it. The new template will be based on this template and inherit some if its properties. It is a good idea to take the User template as a basis for certificates requested by Afaria via SCEP.
Select for which CA type this template is going to be generated and later on used. You should go for at least Windows Server 2008.
Now you can fill in the information of your certificate template. This information will be used by the CA to create the final certificate, requested by Afaria. Make sure to include all you need and to configure it accordingly to your requirements.
After clicking OK, the new certificate template is listed in the available templates of your CA. Please be aware that with this, the new certificate template is only available for the CA, it is not added to the list of templates actually used by the CA. You can have several CA`s in your organization and while the administrator add new templates for the whole organization, only selected certificates may be used by certain CAs. You can have a CA that is only issuing user certificates, while another CA only issues device certificates.
To make the template available to your CA, add the template to the list of available templates to issue for your CA.
Select it from the list.
Congratulations. Now your new certificate template is available to your CA and new certificates based on this template can be issued to clients.