Powershell Script Create Selfsigned Certificate for Labs
<#
.SYNOPSIS
Function New-LabCert creates a self-signed computer certificate for lab environments
.DESCRIPTION
This script creates a self-signed computer certificate for lab environments. It is stored in cert:\localmachine\my
and from there it is exported as a pfx-file to c:\. This file then gets imported into 'Trusted Roots' to make it trustworthy.
Finally some cleanup is performed, e.g. the pfx-file will be deleted.
Consider running it with the -Verbose parameter to receive some informative output.
.PARAMETER DNSName
This is the only parameter, and it is mandatory. Enter the DNS host name of the machine you want this certificate for.
This will become the CN of the certificate.
.EXAMPLE
Execute New-LabCert.ps1 directly from the shell with dot sourcing
. .\New-LabCert.ps1
New-LabCert -DNSName Value
.NOTES
Author: Oliver Jäkel | oj@jaekel-edv.de | @JaekelEDV
#>
#requires -Version 3.0 -Modules PKI | |
#region Parameter Section | |
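Function New-LabCert {
    <#
    .SYNOPSIS
    Creates a self-signed computer certificate for a lab host and trusts it on this machine.
    .DESCRIPTION
    Creates the certificate in Cert:\LocalMachine\My, exports it as a PFX file to the root of
    $env:HOMEDRIVE, imports that PFX into Cert:\LocalMachine\Root and deletes the PFX file again.
    The PFX is protected with a random one-time password and is removed even when the export or
    the import fails. The caller's current location is not changed.
    .PARAMETER DNSName
    DNS host name the certificate is issued for.
    .OUTPUTS
    The objects emitted by New-SelfSignedCertificate, Export-PfxCertificate and Import-PfxCertificate.
    #>
    [CmdletBinding()]
    param (
        [Parameter(Mandatory=$true,HelpMessage='Enter DNSName of the Host')][string] $DNSName)
    [string] $myStore   = 'Cert:\LocalMachine\My'
    [string] $rootStore = 'Cert:\LocalMachine\Root'
    #endregion

    #region Create the selfsigned Certificate
    Write-Verbose -Message "Creating Selfsigned Computer Certificate for $DNSName"
    # Keep the returned object instead of searching the store by subject afterwards: a subject
    # lookup returns several certificates once the function has been run twice for the same
    # name, and the export would then be handed a list of thumbprints.
    $cert = New-SelfSignedCertificate -CertStoreLocation $myStore -DnsName $DNSName -ErrorAction Stop
    $cert   # still emitted to the pipeline, as before
    #endregion

    #region Export the certificate to filesystem
    # The PFX holds the private key, so it gets a random throw-away password rather than a
    # fixed, published one. The password is never needed again: the file is deleted below.
    $randomBytes = New-Object -TypeName byte[] -ArgumentList 32
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try { $rng.GetBytes($randomBytes) } finally { $rng.Dispose() }
    # Not named $pwd: that is PowerShell's automatic "current location" variable.
    $pfxPassword = ConvertTo-SecureString -String ([System.Convert]::ToBase64String($randomBytes)) -AsPlainText -Force

    $pfxPath = "$env:HOMEDRIVE\$DNSName.pfx"
    try {
        Export-PfxCertificate -Cert $cert -FilePath $pfxPath -Password $pfxPassword -ErrorAction Stop
        Write-Verbose -Message "Export the Certificate to $env:HOMEDRIVE"
        #endregion

        #region Import the certificate to Trusted Root
        # NOTE(review): importing the PFX also brings the private key into the Root store.
        # Trust only needs the public certificate; Export-Certificate / Import-Certificate
        # would achieve that without writing the private key to disk at all.
        Import-PfxCertificate -FilePath $pfxPath -CertStoreLocation $rootStore -Password $pfxPassword -ErrorAction Stop
        Write-Verbose -Message 'Import the Certificate to Trusted Root'
        #endregion
    }
    finally {
        #region Cleanup
        # Runs on failure too, so the private key never stays behind on the drive root.
        # -LiteralPath: a DNS name containing '*' must not turn the delete into a wildcard match.
        if (Test-Path -LiteralPath $pfxPath) {
            Remove-Item -LiteralPath $pfxPath
        }
        #endregion
    }
}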