小编Cob*_*ter的帖子

加密证书必须包含数据加密或密钥加密

升级到 Windows Management Framework 5.0 后，我在获取 DSC 配置时开始收到以下异常。

ConvertTo-MOFInstance : System.ArgumentException error processing property 'Password' OF TYPE 'MSFT_Credential': Certificate
'---HIDDEN-CERTIFICATE-THUMPRINT-VALUE---' cannot be used for encryption. Encryption certificates must contain the Data Encipherment or Key
Encipherment key usage, and include the Document Encryption Enhanced Key Usage (1.3.6.1.4.1.311.80.1).
At C:\Windows\system32\WindowsPowerShell\v1.0\Modules\PSDesiredStateConfiguration\PSDesiredStateConfiguration.psm1:303 char:13
+             ConvertTo-MOFInstance MSFT_Credential $newValue
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : InvalidOperation: (:) [Write-Error], InvalidOperationException

Run Code Online (Sandbox Code Playgroud)

每个节点上使用的证书是使用以下证书请求生成的自签名证书。

[NewRequest]
Subject = CN=[computer-name-here].dsc
KeyLength = 2048
MachineKeySet = true
RequestType = Cert
KeySpec = AT_KEYEXCHANGE

Run Code Online (Sandbox Code Playgroud)

然后将此请求文件馈送到 …

powershell certificate x509certificate dsc

Cob*_*ter

2016 02-27

3
推荐指数

1
解决办法

3347
查看次数

标签统计

certificate ×1

dsc ×1

powershell ×1

x509certificate ×1

加密证书必须包含数据加密或密钥加密

标签 统计

小编Cob_ter的帖子

标签统计