I created a certificate request using certreq.exe and the prerequisite
request.info on a Windows Server 2012R2 DC--references and details given below.
However, I receive the error "Sorry, your request is not submitted. The reason is "Invalid Request." when attempting to submit "Manual Server Certificate Enrollment" it to my Root CA.
Am I using the wrong template profile? Is there a template that supports OID=1.3.6.1.5.5.7.3.1?
Currently using PKI/Dogtag 10.3, but I did update to 10.4, briefly, then recovered from snap/backup to 10.3 for the error persisted with 10.4.
These are my primary references:
https://support.microsoft.com/en-us/help/321051/how-to-enable-ldap-over-ssl-with-a-third-party-certification-authority
https://technet.microsoft.com/en-us/library/ff625722(v=ws.10).aspx#BKMK_Certreq
Created the CSR by executing "certreq -new request.inf request.csr"