> ## Documentation Index > Fetch the complete documentation index at: https://bloodhound.specterops.io/llms.txt > Use this file to discover all available pages before exploring further. # WritePKINameFlag > The attacker principal has the ability to write to the msPKI-Certificate-Name-Flag attribute on the victim principal, which allows the attacker principal to configure "enrollee supplies subject" for the certificate template and other settings. Applies to BloodHound Enterprise and CE ## Abuse Info This relationship alone is not enough to perform a privilege escalation or impersonation primitive. This relationship may contribute to other relationships and attributes, from which an escalation opportunity may emerge. ## Opsec Considerations When an attacker abuses a privilege escalation or impersonation primitive that relies on this relationship, it will necessarily result in the issuance of a certificate. A copy of the issued certificate will be saved on the host that issued the certificate. ## Edge Schema Source: [User](/resources/nodes/user), [Group](/resources/nodes/group), [Computer](/resources/nodes/computer)\ Destination: [CertTemplate](/resources/nodes/cert-template)\ Traversable: **No** ## References This edge is related to the following MITRE ATT\&CK tactic and techniques: * [https://attack.mitre.org/techniques/T1649/](https://attack.mitre.org/techniques/T1649/) ### Abuse and Opsec references * [https://specterops.io/wp-content/uploads/sites/3/2022/06/Certified\_Pre-Owned.pdf](https://specterops.io/wp-content/uploads/sites/3/2022/06/Certified_Pre-Owned.pdf) * [https://learn.microsoft.com/en-us/openspecs/windows\_protocols/ms-crtd/1192823c-d839-4bc3-9b6b-fa8c53507ae1](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-crtd/1192823c-d839-4bc3-9b6b-fa8c53507ae1)