
Azure ADCS Connection

Learn how to configure an Azure ADCS Connection for Hanzo KMS certificate management.

Connect Hanzo KMS to Microsoft Active Directory Certificate Services (ADCS) for automated certificate issuance and management.

Prerequisites

  • Microsoft Active Directory Certificate Services (ADCS) server running and accessible
  • Domain administrator account with certificate management permissions
  • Network connectivity from Hanzo KMS to the ADCS server
  • ADCS web enrollment enabled on your server

Connection Setup

Navigate to the App Connections tab on the Organization Settings page.

Select the Azure ADCS Connection option from the connection options modal.

Configuration Tab:

  • Name: Friendly name for this ADCS connection (e.g., "Production ADCS")
  • ADCS URL: Your ADCS HTTPS URL (e.g., https://adcs.yourdomain.com/certsrv) - only HTTPS is supported
  • Username: Domain administrator username (format: DOMAIN\username or username@domain.com)
  • Password: Password for the domain administrator account

SSL Tab:

  • SSL Certificate: Optional PEM certificate for custom CA certificates or self-signed certificates
  • Reject Unauthorized: Whether to reject connections with invalid SSL certificates (it's recommended to keep it enabled)

Getting the SSL Certificate: If your ADCS server uses a self-signed certificate or a certificate from a custom CA, you can obtain the certificate using OpenSSL or PowerShell:

Using OpenSSL:

openssl s_client -connect your-adcs-server:443 -showcerts

Using PowerShell (from inside your ADCS Server):

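# Look up the certificate bound to the IIS HTTPS listener on port 443
Import-Module WebAdministration -ErrorAction SilentlyContinue
$binding = Get-WebBinding -Protocol https -Port 443
if ($binding -and $binding.certificateHash) {
    $cert = Get-ChildItem -Path "Cert:\LocalMachine\My\$($binding.certificateHash)"
    if ($cert) {
        # Base64-encode the DER bytes and wrap at 64 characters per PEM line
        $certBase64 = [System.Convert]::ToBase64String($cert.RawData)
        # Double quotes are required so that `n becomes a real newline
        $wrapped = ($certBase64 -replace '(.{64})', "`$1`n").TrimEnd()
        $certPem = "-----BEGIN CERTIFICATE-----`n" + $wrapped + "`n-----END CERTIFICATE-----"
        Write-Output $certPem
    }
}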

Copy the certificate content (including -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines) and paste it into the SSL Certificate field.
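
A certificate fetched with openssl s_client arrives over the same network path it will later authenticate, so compare it with the thumbprint read on the ADCS server (for example $cert.Thumbprint in the PowerShell snippet above) before pasting it. The script below is an added example, not part of Hanzo KMS or its documentation; the function names are hypothetical, and it assumes the OpenSSL CLI and port 443 as used above.

```shell
# Added example, not Hanzo KMS code. Function names are hypothetical.

# Keep only the first PEM block (the certificate the server presents for
# itself) from `openssl s_client -showcerts` output on stdin.
leaf_pem() {
    awk '/-----BEGIN CERTIFICATE-----/ { on = 1 }
         on { print }
         on && /-----END CERTIFICATE-----/ { exit }'
}

# Reduce a thumbprint to upper-case hex: drops the "sha256 Fingerprint="
# prefix, colons, spaces and invisible characters picked up by copy/paste.
norm_fp() {
    printf '%s' "$1" | sed 's/.*=//' | tr -cd '0-9A-Fa-f' | tr 'a-f' 'A-F'
}

# Succeeds only if the PEM certificate on stdin has thumbprint $1.
# 40 hex digits = SHA-1 (Windows "Thumbprint"), 64 = SHA-256.
verify_pem() {
    local want algo out
    want=$(norm_fp "$1")
    case ${#want} in
        40) algo=sha1 ;;
        64) algo=sha256 ;;
        *)  echo "thumbprint must be 40 or 64 hex digits" >&2; return 2 ;;
    esac
    out=$(openssl x509 -noout -fingerprint "-$algo") || return 2
    [ "$(norm_fp "$out")" = "$want" ]
}

# Fetch the certificate served at $1:443 and print it only when it matches
# the thumbprint $2 that was read on the ADCS server itself.
fetch_pinned() {
    local pem
    pem=$(openssl s_client -connect "$1:443" -servername "$1" -showcerts \
              </dev/null 2>/dev/null | leaf_pem)
    if printf '%s\n' "$pem" | verify_pem "$2"; then
        printf '%s\n' "$pem"
    else
        echo "thumbprint mismatch for $1: not printing certificate" >&2
        return 1
    fi
}

# Usage: fetch_pinned your-adcs-server "<thumbprint from the server>"
```

On a match, fetch_pinned prints the PEM block to paste into the SSL Certificate field; on a mismatch it prints nothing and returns non-zero.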

Click Connect to ADCS to establish the connection.

Your Azure ADCS Connection is now available for use in your Hanzo KMS projects.
