Connect Infisical to Microsoft Active Directory Certificate Services (ADCS) for automated certificate issuance and management.

Prerequisites

  • Microsoft Active Directory Certificate Services (ADCS) server running and accessible
  • Domain administrator account with certificate management permissions
  • Network connectivity from Infisical to the ADCS server
  • ADCS web enrollment enabled on your server

Connection Setup

1

Navigate to App Connections

Navigate to the App Connections tab on the Organization Settings page.

2

Add Connection

Select the Azure ADCS Connection option from the connection options modal.

3

Configure Connection Details

Configuration Tab:
  • Name: Friendly name for this ADCS connection (e.g., “Production ADCS”)
  • ADCS URL: Your ADCS HTTPS URL (e.g., https://adcs.yourdomain.com/certsrv) - only HTTPS is supported
  • Username: Domain administrator username (format: DOMAIN\username or [email protected])
  • Password: Password for the domain administrator account
SSL Tab:
  • SSL Certificate: Optional PEM certificate for custom CA certificates or self-signed certificates
  • Reject Unauthorized: Whether to reject connections with invalid SSL certificates (it’s recommended to keep it enabled)
Getting the SSL Certificate: If your ADCS server uses a self-signed certificate or a certificate from a custom CA, you can obtain the certificate using OpenSSL or PowerShell:

Using OpenSSL:
openssl s_client -connect your-adcs-server:443 -showcerts </dev/null

Using PowerShell (from inside your ADCS Server):
# Read the certificate bound to the HTTPS site on port 443
Import-Module WebAdministration -ErrorAction SilentlyContinue
$binding = Get-WebBinding -Protocol https -Port 443
if ($binding -and $binding.certificateHash) {
    $cert = Get-ChildItem -Path "Cert:\LocalMachine\My\$($binding.certificateHash)"
    if ($cert) {
        $certBase64 = [System.Convert]::ToBase64String($cert.RawData)
        # Wrap the Base64 body at 64 characters; the replacement is double-quoted so that `n becomes a newline
        $certBody = ($certBase64 -replace '(.{64})', "`$1`n").TrimEnd()
        $certPem = "-----BEGIN CERTIFICATE-----`n$certBody`n-----END CERTIFICATE-----"
        Write-Output $certPem
    }
}

Copy the certificate content (including -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines) and paste it into the SSL Certificate field.
Then click Connect to ADCS to establish the connection.

4

Connection Created

Your Azure ADCS Connection is now available for use in your Infisical projects.
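
A check to run before pasting a certificate fetched over the network into the SSL Certificate field in step 3, shown as an added example (not Infisical's code): it takes saved `openssl s_client -showcerts` output, confirms that the first (leaf) certificate's SHA-1 thumbprint equals the value read on the server from `$binding.certificateHash`, and only then returns a clean PEM. The function names are assumptions, and the sample bytes are constructed placeholders, not real certificates.

```python
import base64
import hashlib
import re

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)

def pem_blocks(text):
    """DER bytes of every certificate block found in the text, in order."""
    return [base64.b64decode("".join(m.group(1).split()), validate=True)
            for m in PEM_RE.finditer(text)]

def thumbprint(der):
    """Windows-style thumbprint: upper-case hex SHA-1 of the DER encoding."""
    return hashlib.sha1(der).hexdigest().upper()

def to_pem(der):
    """Re-wrap DER as PEM with 64-character lines, ready to paste."""
    b64 = base64.b64encode(der).decode()
    body = "\n".join(b64[i:i + 64] for i in range(0, len(b64), 64))
    return f"-----BEGIN CERTIFICATE-----\n{body}\n-----END CERTIFICATE-----"

def verified_leaf_pem(s_client_output, server_thumbprint):
    """Return the leaf PEM only if it matches the thumbprint read on the server."""
    ders = pem_blocks(s_client_output)
    if not ders:
        raise ValueError("no certificate in input")
    # Accept thumbprints written with spaces or colons, in any case.
    expected = re.sub(r"[^0-9A-Fa-f]", "", server_thumbprint).upper()
    if thumbprint(ders[0]) != expected:
        raise ValueError("thumbprint mismatch: do not trust this certificate")
    return to_pem(ders[0])

# Constructed sample: placeholder bytes, not real X.509 certificates.
LEAF_DER = bytes(range(200))
CA_DER = bytes(reversed(range(200)))
SAMPLE_OUTPUT = (
    "Certificate chain\n 0 s:CN=adcs.example.test\n" + to_pem(LEAF_DER) +
    "\n 1 s:CN=Example Root CA\n" + to_pem(CA_DER) + "\n---\n")

if __name__ == "__main__":
    # Stands in for the $binding.certificateHash value read on the ADCS server.
    server_value = hashlib.sha1(LEAF_DER).hexdigest()
    print(verified_leaf_pem(SAMPLE_OUTPUT, server_value))
```

A mismatch means the certificate seen on the network path is not the one bound in IIS, so it should not be pasted into the connection.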