Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

Nexus' software components have new names:

Nexus PRIME -> Smart ID Identity Manager
Nexus Certificate Manager -> Smart ID Certificate Manager
Nexus Hybrid Access Gateway -> Smart ID Digital Access component
Nexus Personal -> Smart ID clients

Go to Nexus homepage for overviews of Nexus' solutions, customer cases, news and more.

Verify Enroll on behalf of for Windows

Created by Ann Base on Mar 02, 2022

This article describes how to verify Enroll on behalf of (EOBO) for Windows over CMC or PKCS#7.

^{Expand/Collapse All}

Prerequisites

Prerequisites

See Enroll on behalf of in WinEP

Step-by-step instruction

For CMC:

Create CMC file

Create a file called eobo-cmc.inf with the following contents:
```
[NewRequest]
RequestType=cmc
RequesterName=<domain>\<username>

[RequestAttributes]
CertificateTemplate=User
```
a. Replace <domain> with the domain for which to generate the request.
b. Replace <username> with the username for which to generate the request.

Run CMC commands

Run the following commands:
Command 1
```
> certreq.exe -new -cert "Enrollment Agent Signer" eobo-cmc.inf mycmc.req
```
Command 2
```
> certreq.exe -submit mycmc.req
```
The second command returns a certificate for the requested user.

For PKCS#7:

Create PKCS#7 file

Create a file called eobo-pkcs7.inf with the following contents:
```
[NewRequest]
RequestType=pkcs7
RequesterName=<domain>\<username>

[RequestAttributes]
CertificateTemplate=User
```
a. Replace <domain> with the domain for which to generate the request.
b. Replace <username> with the username for which to generate the request.

Run PKCS#7 commands

Run the following commands:
Command 1
```
> certreq.exe -new -cert "Enrollment Agent Signer" eobo-pkcs7.inf mypkcs7.req
```
Command 2
```
> certreq.exe -submit mypkcs7.req
```
The second command returns a certificate for the requested user.

For more information about PKCS#7, see https://docs.microsoft.com/en-us/windows/win32/seccertenroll/pkcs--7-eobo-request.

This article is valid for CM 8.5 and later.

Related information

Enroll on behalf of in WinEP

cm

Contact Nexus

(For feedback on product documentation: Select Reason for contact: Feedback on documentation.)

© 2023 Technology Nexus Secured Business Solutions AB. All rights reserved.
Disclaimer | Terms & Conditions.