The Requestaction requests a certificate from the certification authority that you specify. The Requestaction requires the following syntax.

Copy Code
LCSCmd.exe /Cert /Action:Request /OU:<the organizational
unit> /org:<the organization> /sn:<subject name>
/country:<country or region> /state:<full state or
province name> /city:<full city or locality name>
[/online[:{TRUE|FALSE}]] [/friendlyName:<friendly name for the
certificate>] [/bitLength:<length of the certificate public
key>] [/exportable[:{TRUE|FALSE}]] [/san:<subject alternate
name on the certificate>] [/Filename:<file name for offline
requests>] [/ca:<certification authority in the form
<CAFQDN>\<CAName>>] [/caAccount:<Account in the
form <CADomain>\<CAUser> or
<CAComputer>\<CAUser>>] [/caPassword:<Password
for the CA account>] [/autoAppendSNToSAN[:{TRUE|FALSE}]]
[/enableClientEKU[:{TRUE|FALSE}]] [/assign:{TRUE|FALSE}]
[/Components:{AP | DP | MR | INTERNAL}] [/L:<log file path>]
[/XML[:{TRUE|FALSE}]] [/?[:{TRUE|FALSE}]]

Such as:

Copy Code
LCSCmd.exe /Cert /Action:Request /OU:Marketing /Org:Contoso
/sn:eepool1.contoso.com /country:US /city:Redmond /state:Washington

Where:

Parameter Description

/Cert

Executes the selected certificate task on the current computer.

/Action

Takes a string that specifies the action name. Valid action names include Request, CheckStatus, ImportResponse, ImportPFX, ExportPFX, ListCA, and ImportCAChain.

/OU

Specifies the organizational unit.

/org

Specifies the organization.

/sn

Specifies the certificates Subject Name, such as the FQDN of the current server or pool.

/country

Specifies the two-letter code for the country or region. For example, US for the United States or PT for Portugal.

/state

Specifies the unabbreviated name of the state or province.

/city

Specifies the unabbreviated name of the city or locality.

/online

Specifies whether this is an online certificate request. If not specified, TRUEis used.

/friendlyName

Specifies the friendly name of the certificate.

/bitLength

Specifies the length of the certificate public key. Valid values are 1024, 2048, 4096. If not specified, 1024 is used.

/exportable

Specifies whether the private key is exportable. If not specified, FALSEis used.

/san

Specifies a comma-separated list of names to be used as the subject alternate name of the certificate. The subject name is automatically added to the Subject Alternate Name (SAN) if any subject alternate name is specified unless /autoAppendSNToSAN:FALSEis specified.

/Filename

Specifies the file name for storing an offline certificate request. If specified, the file must not already exist.

/ca

Specifies the certification authority to use for online certificate requests in the form <CA FQDN>\<CA Name>. This parameter is required for online certificate requests.

/caAccount

Specifies an account that is recognized by the CA and has privileges to request certificates (if integrated authentication is not desired). This parameter is ignored if CredMan is not available.

/caPassword

Specifies the password to be used with caAccount. This parameter is ignored if caAccountis not specified.

/autoAppendSNToSAN

Specifies whether Subject Name should be appended to Subject Alternate Name if any subject alternate name is specified. If not specified, TRUEis used.

/enableClientEKU

Specifies whether the certificate should contain the Client Authentication EKU (usually not required except for some types of federation). If not specified, FALSEis used.

/assign

New in Office Communications Server 2007 R2. Specifies whether the issued certificate should be assigned immediately. This parameter is available only when /online is set to True (the default).

/Components

New in Office Communications Server 2007 R2. Specifies the Edge Server to which the certificate should be assigned. This is a comma-separated list, specifying one or more of the following options:

APAccess Proxy or Access Edge Server

DPData Proxy or Web Conferencing Edge Server

MRMedia Relay or A/V Edge Server

INTERNALEdge Server internal interface (default)

/L

Specifies the log file path. If not specified, %TEMP%\<ActionName>[<Date>][<Time>].html is used. To disable logging, use a dash character (-) as the log file name.

/XML

Specifies whether the log file to be generated should be in XML format instead of HTML.

/?

Shows Help on usage.