Created
June 5, 2023 12:48
-
-
Save BoxedBrain/efb99a946263e4fb1c259a0c56eb25c1 to your computer and use it in GitHub Desktop.
Create a new self signed certificate in the 'CurrentUser' certificate store to test the NPS PKI MFA second factor
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # PKI MFA Test Script | |
| # Create a new self signed certificate in the 'CurrentUser' certificate store | |
| # to test the NPS PKI MFA second factor | |
| # | |
| # ------------------------- Password Secure User Settings ------------------------- | |
| # Certificate hash methods: SHA1 | |
| # | |
| # Checking mode for certificate chains: No checking | |
| # Only for testing, use trusted PKI certificate for productive use | |
| # | |
| # Force Validity of certificate: Deactivated | |
| # Only for testing, otherwise checking for 'Trusted Root Certification Authorities' | |
| # ------------------------- Password Secure User Settings ------------------------- | |
| $params = @{ | |
| FriendlyName = 'Password Secure MFA Certificate' | |
| DnsName = $env:COMPUTERNAME | |
| Provider = 'Microsoft Strong Cryptographic Provider' | |
| CertStoreLocation = 'Cert:\CurrentUser\My' | |
| KeyUsage = 'KeyEncipherment' | |
| NotAfter = (Get-Date).AddYears(10) | |
| KeyAlgorithm = 'RSA' | |
| KeyLength = 4096 | |
| } | |
| New-SelfSignedCertificate @params |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment