Active Directory Certificate Services 클릭
Install-AdcsCertificationAuthority -CAType EnterpriseRootCA -CACommonName CORP-CA -Force
Certification Authority 클릭
Web Server 우클릭 → Duplicate Template 클릭
Compatibility
General
Request Handling
Security
Certification Authority 클릭
Certificate Templates → New → Certificate Template to Issue 클릭
ADFS 클릭
Get-Certificate -Template ADFS -SubjectName CN=*.corp.com -DnsName www.corp.com, adfs.corp.com -CertStoreLocation Cert:\\LocalMachine\\My\\
ls Cert:\\LocalMachine\\My\\
Export-PfxCertificate -Cert Cert:\\LocalMachine\\My\\[CN=*.corp.com의 Thumbprint] -Password (ConvertTo-SecureString "Skill39**" -AsPlainText -Force) -FilePath wildcard.pfx
ls Cert:\\LocalMachine\\Root\\
Export-Certificate -Cert Cert:\\LocalMachine\\Root\\[CN=CORP-CA, DC=corp, DC=local의 Thumbprint] -FilePath ca.crt
