@abenteuerzeit
Last active March 7, 2024 09:07
Powershell Scripts
# Navigate to the desired directory
cd 'C:\temp'
# Create a self-signed root certificate
$cert = New-SelfSignedCertificate -Type Custom -KeySpec Signature `
-Subject "CN=AzureRoot" `
-KeyExportPolicy Exportable `
-HashAlgorithm sha256 `
-CertStoreLocation "Cert:\CurrentUser\My" `
-KeyUsageProperty Sign -KeyUsage CertSign
# Generate a client certificate signed by the root certificate
New-SelfSignedCertificate `
-Type Custom `
-DnsName "PS2ChildCert" `
-KeySpec Signature `
-Subject "CN=AzureClient" `
-KeyExportPolicy Exportable `
-HashAlgorithm sha256 `
-KeyLength 2048 `
-CertStoreLocation "Cert:\CurrentUser\My" `
-Signer $cert `
-TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.2")
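# Export the root certificate (public part only). Select it by thumbprint so that
# older "AzureRoot" certificates left in the store by earlier runs are not matched.
$RootCert = Get-ChildItem -Path "Cert:\CurrentUser\My" | Where-Object { $_.Thumbprint -eq $cert.Thumbprint }
Export-Certificate -Type CERT -Cert $RootCert -FilePath 'C:\temp\AzureRootTemp.cer'
# Export the client certificate (public part only). Take the newest exact match,
# because a rerun leaves several "CN=AzureClient" certificates in the store.
$ClientCert = Get-ChildItem -Path "Cert:\CurrentUser\My" | Where-Object { $_.Subject -eq "CN=AzureClient" } |
    Sort-Object NotBefore -Descending | Select-Object -First 1
Export-Certificate -Type CERT -Cert $ClientCert -FilePath 'C:\temp\AzureClientTemp.cer'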
# Encode the root certificate to a base64 format and rename it
certutil -encode 'C:\temp\AzureRootTemp.cer' 'C:\temp\AzureRoot.cer'
# Display the content of the encoded root certificate
Get-Content 'C:\temp\AzureRoot.cer'
# Change directory back to the root of the C: drive
cd 'C:\'
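
A verification pass to run after the script above, added here as an example and not part of the original gist: it checks that the client certificate chains to the new root, carries only the client-authentication EKU set with `-TextExtension`, and that the exported file holds no private key. The helper name `Get-NewestCert` and the result property names are assumptions made for this example; subjects, store and file path are the ones the script uses.

```powershell
# Added example, not part of the gist. Assumes the gist's subjects, store and file path.
$x509  = 'System.Security.Cryptography.X509Certificates'
$store = 'Cert:\CurrentUser\My'

# Hypothetical helper: newest certificate with an exact subject match
# (rerunning the gist leaves older copies in the store).
function Get-NewestCert([string]$Subject) {
    Get-ChildItem -Path $store | Where-Object { $_.Subject -eq $Subject } |
        Sort-Object NotBefore -Descending | Select-Object -First 1
}
$root   = Get-NewestCert 'CN=AzureRoot'
$client = Get-NewestCert 'CN=AzureClient'
if (-not $root -or -not $client) { throw 'Certificates not found; run the gist script first.' }

# 1. The client certificate must chain to this root. The root is not in a trusted
#    store, so unknown CAs are allowed and the chain root is compared by thumbprint.
$chain = New-Object "$x509.X509Chain"
$chain.ChainPolicy.RevocationMode    = 'NoCheck'
$chain.ChainPolicy.VerificationFlags = 'AllowUnknownCertificateAuthority'
[void]$chain.ChainPolicy.ExtraStore.Add($root)
$built     = $chain.Build($client)
$chainRoot = $chain.ChainElements[$chain.ChainElements.Count - 1].Certificate

# 2. The client EKU (extension 2.5.29.37) must list client authentication and nothing else.
$ekuExt = $client.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.37' }
$ekus   = @($ekuExt.EnhancedKeyUsages | ForEach-Object { $_.Value })

# 3. The root key usage (extension 2.5.29.15) must include certificate signing.
$kuExt   = $root.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.15' }
$canSign = $kuExt -and $kuExt.KeyUsages.HasFlag(
    [System.Security.Cryptography.X509Certificates.X509KeyUsageFlags]::KeyCertSign)

# 4. The Base64 file written by certutil must be the same root, without a private key.
$exported = New-Object "$x509.X509Certificate2" -ArgumentList 'C:\temp\AzureRoot.cer'

[pscustomobject]@{
    ClientChainsToRoot     = $built -and ($chainRoot.Thumbprint -eq $root.Thumbprint)
    ClientAuthEkuOnly      = ($ekus.Count -eq 1) -and ($ekus[0] -eq '1.3.6.1.5.5.7.3.2')
    RootCanSignCerts       = [bool]$canSign
    ExportMatchesRoot      = $exported.Thumbprint -eq $root.Thumbprint
    ExportHasNoPrivateKey  = -not $exported.HasPrivateKey
}
```

Every property should read `True`; note that both key pairs stay in `Cert:\CurrentUser\My` with `-KeyExportPolicy Exportable`, so the store itself is what protects the private keys.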