-
-
Save anthonyeden/710d63247d9b6b9202a11bf00b146c01 to your computer and use it in GitHub Desktop.
| "C:\Program Files\Lets Encrypt\letsencrypt.exe" --renew --baseuri "https://acme-v01.api.letsencrypt.org/" | |
| powershell -File "C:\Program Files\Lets Encrypt\RDS_INSTALL_CERT.ps1" -CertificateImport "C:\ProgramData\letsencrypt-win-simple\httpsacme-v01.api.letsencrypt.org\remote.example.com-all.pfx" -RDCB remote.example.com |
| # Install a Let's Encrypt certificate to Remote Desktop Services | |
| # Hacked together by Anthony Eden (https://mediarealm.com.au/) | |
| #Credit: https://ryanmangansitblog.com/2014/06/17/deploying-rds-2012-wild-card-certificate-using-powershell/ | |
| #Credit: https://github.com/Lone-Coder/letsencrypt-win-simple/issues/400 | |
| param ( | |
| [Parameter(Mandatory=$TRUE, HelpMessage="store the certificate localy (c:\)")] | |
| [String] | |
| $CertificateImport, | |
| [Parameter(Mandatory=$TRUE, HelpMessage="Connection Broker FQDN")] | |
| [String] | |
| $RDCB | |
| ) | |
| if ( ((get-date) - (ls $CertificateImport).LastWriteTime).minutes -gt 10){ exit } | |
| # This is where a temporary certificate will be stored (we delete it at the end) | |
| $tempPfxPath = 'C:\ProgramData\letsencrypt-win-simple\temp-pfx.pfx' | |
| # Import the RemoteDesktop module | |
| Import-Module RemoteDesktop | |
| # Create the temporary certificate | |
| $newCertPfx = Import-PfxCertificate -FilePath $CertificateImport -CertStoreLocation Cert:\LocalMachine\My -Exportable | |
| $tempPasswordPfx = ConvertTo-SecureString -String "TemporaryPassword" -Force -AsPlainText | |
| Export-PfxCertificate -cert $newCertPfx -FilePath $tempPfxPath -Force -NoProperties -Password $tempPasswordPfx | |
| Remove-Item -Path $newCertPfx.PSPath | |
| # Configure RDPublishing Certificate for RDS | |
| set-RDCertificate -Role RDPublishing ` | |
| -ImportPath $tempPfxPath ` | |
| -Password $tempPasswordPfx ` | |
| -ConnectionBroker $RDCB -Force ` | |
| # Configure First RDWebAccess Certificate for RDS | |
| set-RDCertificate -Role RDWebAccess ` | |
| -ImportPath $tempPfxPath ` | |
| -Password $tempPasswordPfx ` | |
| -ConnectionBroker $RDCB -Force ` | |
| # Configure Second Certificate for RDS | |
| set-RDCertificate -Role RDWebAccess ` | |
| -ImportPath $tempPfxPath ` | |
| -Password $tempPasswordPfx ` | |
| -ConnectionBroker $RDCB -Force ` | |
| # Configure RDRedirector Certificate for RDS | |
| set-RDCertificate -Role RDRedirector ` | |
| -ImportPath $tempPfxPath ` | |
| -Password $tempPasswordPfx ` | |
| -ConnectionBroker $RDCB -force ` | |
| # Configure First RDGateway Certificate for RDS | |
| set-RDCertificate -Role RDGateway ` | |
| -ImportPath $tempPfxPath ` | |
| -Password $tempPasswordPfx ` | |
| -ConnectionBroker $RDCB -force ` | |
| # Configure Second RDGateway Certificate for RDS | |
| set-RDCertificate -Role RDGateway ` | |
| -ImportPath $tempPfxPath ` | |
| -Password $tempPasswordPfx ` | |
| -ConnectionBroker $RDCB -force ` | |
| # Cleanup the temporary PFX file | |
| Remove-Item -Path $tempPfxPath |
Hello,
i try this PS Skript.
I make the changes fromNatakugithub,
But i have still this errors
`PS C:\Program Files (x86)\Lets Encrypt> C:\Program Files (x86)\Lets Encrypt\RDS_INSTALL_CERT.ps1
Cmdlet RDS_INSTALL_CERT.ps1 an der Befehlspipelineposition 1
Geben Sie Werte für die folgenden Parameter an:
(Geben Sie zum Aufruf der Hilfe !? ein.)
CertificateImport: C:\ProgramData\win-acme\acme-v02.api.letsencrypt.org\Certificates
RDCB: RDSGATEWAY.Adress.xx
Password: Uj7HJv2kykk6TCDRyqJz2W/+nPJhZYVTd5tMWhzDINI=
Für "op_Subtraction" und die folgende Argumenteanzahl kann keine Überladung gefunden werden: "2".
In C:\Program Files (x86)\Lets Encrypt\RDS_INSTALL_CERT.ps1:23 Zeichen:6
- if ( ((get-date) - (ls $CertificateImport).LastWriteTime).TotalMinute ...
-
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~- CategoryInfo : NotSpecified: (:) [], MethodException
- FullyQualifiedErrorId : MethodCountCouldNotFindBest
Import-PfxCertificate : Die PFX-Datei wurde nicht gefunden.
In C:\Program Files (x86)\Lets Encrypt\RDS_INSTALL_CERT.ps1:32 Zeichen:15
- ... ewCertPfx = Import-PfxCertificate -FilePath $CertificateImport -Passw ...
-
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~- CategoryInfo : NotSpecified: (:) [Import-PfxCertificate], FileNotFoundException
- FullyQualifiedErrorId : System.IO.FileNotFoundException,Microsoft.CertificateServices.Commands.ImportPfxCertificate
Export-PfxCertificate : Das Argument kann nicht an den Parameter "Cert" gebunden werden, da es NULL ist.
In C:\Program Files (x86)\Lets Encrypt\RDS_INSTALL_CERT.ps1:34 Zeichen:29
- Export-PfxCertificate -cert $newCertPfx -FilePath $tempPfxPath -Force ...
-
~~~~~~~~~~~- CategoryInfo : InvalidData: (:) [Export-PfxCertificate], ParameterBindingValidationException
- FullyQualifiedErrorId : ParameterArgumentValidationErrorNullNotAllowed,Microsoft.CertificateServices.Commands.ExportPfxCertificate
Remove-Item : Das Argument kann nicht an den Parameter "Path" gebunden werden, da es NULL ist.
In C:\Program Files (x86)\Lets Encrypt\RDS_INSTALL_CERT.ps1:35 Zeichen:19
- Remove-Item -Path $newCertPfx.PSPath
-
~~~~~~~~~~~~~~~~~~- CategoryInfo : InvalidData: (:) [Remove-Item], ParameterBindingValidationException
- FullyQualifiedErrorId : ParameterArgumentValidationErrorNullNotAllowed,Microsoft.PowerShell.Commands.RemoveItemCommand
set-RDCertificate : Der angegebene Pfad "C:\ProgramData\win-acme\temp-pfx.pfx" ist ungültig, oder der Zugriff auf den Pfad ist nicht möglich.
In C:\Program Files (x86)\Lets Encrypt\RDS_INSTALL_CERT.ps1:39 Zeichen:1
- set-RDCertificate -Role RDPublishing `
-
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Set-RDCertificate
Get-RDServer : Der RD-Verbindungsbrokerserver ist nicht verfügbar. Stellen Sie sicher, dass Sie eine Verbindung mit dem
RD-Verbindungsbrokerserver herstellen können.
In C:\Windows\system32\WindowsPowerShell\v1.0\Modules\RemoteDesktop\Certificate.psm1:309 Zeichen:22
- ... webaccess = Get-RDServer -ConnectionBroker $ConnectionBroker -Role @( ...
-
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~- CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
- FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Get-RDServer
set-RDCertificate : In der Bereitstellung ist kein Server mit Web Access für Remotedesktop vorhanden.
In C:\Program Files (x86)\Lets Encrypt\RDS_INSTALL_CERT.ps1:45 Zeichen:1
- set-RDCertificate -Role RDWebAccess `
-
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Set-RDCertificate
Get-RDServer : Der RD-Verbindungsbrokerserver ist nicht verfügbar. Stellen Sie sicher, dass Sie eine Verbindung mit dem
RD-Verbindungsbrokerserver herstellen können.
In C:\Windows\system32\WindowsPowerShell\v1.0\Modules\RemoteDesktop\Certificate.psm1:309 Zeichen:22
- ... webaccess = Get-RDServer -ConnectionBroker $ConnectionBroker -Role @( ...
-
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~- CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
- FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Get-RDServer
set-RDCertificate : In der Bereitstellung ist kein Server mit Web Access für Remotedesktop vorhanden.
In C:\Program Files (x86)\Lets Encrypt\RDS_INSTALL_CERT.ps1:51 Zeichen:1
- set-RDCertificate -Role RDWebAccess `
-
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Set-RDCertificate
set-RDCertificate : Der angegebene Pfad "C:\ProgramData\win-acme\temp-pfx.pfx" ist ungültig, oder der Zugriff auf den Pfad ist nicht möglich.
In C:\Program Files (x86)\Lets Encrypt\RDS_INSTALL_CERT.ps1:57 Zeichen:1
- set-RDCertificate -Role RDRedirector `
-
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Set-RDCertificate
Get-RDServer : Der RD-Verbindungsbrokerserver ist nicht verfügbar. Stellen Sie sicher, dass Sie eine Verbindung mit dem
RD-Verbindungsbrokerserver herstellen können.
In C:\Windows\system32\WindowsPowerShell\v1.0\Modules\RemoteDesktop\Certificate.psm1:299 Zeichen:20
- ... $gateway = Get-RDServer -ConnectionBroker $ConnectionBroker -Role @( ...
-
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~- CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
- FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Get-RDServer
set-RDCertificate : In der Bereitstellung ist kein RD-Gatewayserver vorhanden.
In C:\Program Files (x86)\Lets Encrypt\RDS_INSTALL_CERT.ps1:63 Zeichen:1
- set-RDCertificate -Role RDGateway `
-
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Set-RDCertificate
Get-RDServer : Der RD-Verbindungsbrokerserver ist nicht verfügbar. Stellen Sie sicher, dass Sie eine Verbindung mit dem
RD-Verbindungsbrokerserver herstellen können.
In C:\Windows\system32\WindowsPowerShell\v1.0\Modules\RemoteDesktop\Certificate.psm1:299 Zeichen:20
- ... $gateway = Get-RDServer -ConnectionBroker $ConnectionBroker -Role @( ...
-
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~- CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
- FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Get-RDServer
set-RDCertificate : In der Bereitstellung ist kein RD-Gatewayserver vorhanden.
In C:\Program Files (x86)\Lets Encrypt\RDS_INSTALL_CERT.ps1:69 Zeichen:1
- set-RDCertificate -Role RDGateway `
-
+ CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Set-RDCertificate
Remove-Item : Der Pfad "C:\ProgramData\win-acme\temp-pfx.pfx" kann nicht gefunden werden, da er nicht vorhanden ist.
In C:\Program Files (x86)\Lets Encrypt\RDS_INSTALL_CERT.ps1:75 Zeichen:1
- Remove-Item -Path $tempPfxPath
-
+ CategoryInfo : ObjectNotFound: (C:\ProgramData\win-acme\temp-pfx.pfx:String) [Remove-Item], ItemNotFoundException + FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.RemoveItemCommand`
What can i do?
my external FQDN Points to my Session Broker´s IP.
Getting these error messages.
`Import-PfxCertificate : The PFX file you are trying to import requires either a different password or membership in an
Active Directory principal to which it is protected.
At C:\Program Files\Lets Encrypt\RDS_INSTALL_CERT.ps1:27 char:15
tificate
Export-PfxCertificate : Cannot bind argument to parameter 'Cert' because it is null.
At C:\Program Files\Lets Encrypt\RDS_INSTALL_CERT.ps1:29 char:29
portPfxCertificate
Remove-Item : Cannot bind argument to parameter 'Path' because it is null.
At C:\Program Files\Lets Encrypt\RDS_INSTALL_CERT.ps1:30 char:19
ommand
set-RDCertificate : The specified path C:\ProgramData\letsencrypt-win-simple\temp-pfx.pfx is not valid or not
accessible.
At C:\Program Files\Lets Encrypt\RDS_INSTALL_CERT.ps1:34 char:1
set-RDCertificate : The specified path C:\ProgramData\letsencrypt-win-simple\temp-pfx.pfx is not valid or not
accessible.
At C:\Program Files\Lets Encrypt\RDS_INSTALL_CERT.ps1:40 char:1
set-RDCertificate : The specified path C:\ProgramData\letsencrypt-win-simple\temp-pfx.pfx is not valid or not
accessible.
At C:\Program Files\Lets Encrypt\RDS_INSTALL_CERT.ps1:46 char:1
set-RDCertificate : The specified path C:\ProgramData\letsencrypt-win-simple\temp-pfx.pfx is not valid or not
accessible.
At C:\Program Files\Lets Encrypt\RDS_INSTALL_CERT.ps1:52 char:1
set-RDCertificate : Deployment does not contain an RD Gateway server.
At C:\Program Files\Lets Encrypt\RDS_INSTALL_CERT.ps1:58 char:1
set-RDCertificate : Deployment does not contain an RD Gateway server.
At C:\Program Files\Lets Encrypt\RDS_INSTALL_CERT.ps1:64 char:1
Remove-Item : Cannot find path 'C:\ProgramData\letsencrypt-win-simple\temp-pfx.pfx' because it does not exist.
At C:\Program Files\Lets Encrypt\RDS_INSTALL_CERT.ps1:70 char:1