Creating a certificate template

To configure a template with auto-enrollment:

1. Open the MMC Certificate Template snap-in.

   Another way to open the Certificate Template console is to open the Certification Authority console, right-click Certificate Templates, and select Manage.

2. Select a template, then right-click and select Duplicate Template to create a new template that you can modify.

   For example, select the Workstation Authentication template.

3. On the Properties page for the new template, do the following:

   1. Select the General tab and enter a name for the template.

   2. Select the Security tab and select Domain Computers. Then select Read and Autoenroll permissions.

   3. Select the Subject Name tab. For Subject name format, select Fully distinguished name.

   4. Select the Extensions tab. Then select Application Policies.

   5. Click Edit. Client Authentication should already be shown.

   6. Click Add, then scroll and select Server Authentication.

   7. Click OK.

4. Click OK to save the new template.