Forum Discussion
Device certificate profile with SAN DNS= {{FullyQualifiedDomainName}} doesn't work
I've created a certificate profile to push device certificates to Windows 10 computers. After struggling with the certificate requests failing for a while, I finally got it to issue certificates, but one of the SANs is missing.
Initially the profile was set to use a Subject name of {{AADdeviceID}}, with a SAN of DNS={FullyQualifiedDomainName}}. What seems to have got it working is to add a second SAN of DNS={{DeviceName}}, but looking at the certificate that was issued, it has only the second SAN. The FQDN is not listed anywhere on the certificate.
Has anyone set up a PKCS certificate profile that successfully issues device certificates with the FQDN as a subject name or SAN?
What would cause the certificate to be issued without the additional SAN?