@ashemedai
Last active July 19, 2023 14:17
PowerShell script to fetch enterprise security MitM proxy root certificate for use in WSL2
# Run within WSL2 as: pwsh.exe -File get-cert.ps1
#
# PowerShell 7.3 wraps .NET 7
# 1 (InsertLineBreaks) is for line breaks at column 76 - https://learn.microsoft.com/en-us/dotnet/api/system.base64formattingoptions?view=net-7.0
$Base64FormattingOptions = 1
# Put the common name (CN) here, typically in the form of '[company name] Root CA'
$SubjectCN = "[company name] Root CA"
$Name = $SubjectCN -replace '[\W]', '_'
$OutputFile = "{0}.crt" -f $Name
if (Test-Path $OutputFile) {
    Remove-Item $OutputFile -Force
}
# @() forces an array so .Count is reliable for zero, one or several matches
$Certificate = @(Get-ChildItem Cert:\LocalMachine\Root | Where-Object { $_.Subject -like "*$($SubjectCN)*" })
# Where-Object returns nothing (not an empty string) when no certificate matches
if ($Certificate.Count -eq 0) {
    Write-Output "Couldn't find matching certificate in the LocalMachine store"
    exit 1
}
# The wildcard match can hit several certificates; refuse to guess which one to trust
if ($Certificate.Count -gt 1) {
    Write-Output "More than one certificate matches '$SubjectCN'; make the name more specific:"
    $Certificate | ForEach-Object { Write-Output "  $($_.Thumbprint)  $($_.Subject)" }
    exit 1
}
$Certificate = $Certificate[0]
Write-Host "Creating PEM for '$($Certificate.Subject)'"
# Build a PEM by hand
$Pem = New-Object System.Text.StringBuilder
[void]$Pem.AppendLine("-----BEGIN CERTIFICATE-----")
[void]$Pem.AppendLine([System.Convert]::ToBase64String($Certificate.RawData, $Base64FormattingOptions))
[void]$Pem.AppendLine("-----END CERTIFICATE-----")
Write-Host "Writing PEM file to '$($OutputFile)'`n"
$Pem.ToString() | Add-Content -NoNewline $OutputFile
Write-Host "To use this file on Debian or Ubuntu (it expects the file to end in .crt):"
Write-Host " sudo cp $($OutputFile) /usr/local/share/ca-certificates/"
Write-Host " sudo update-ca-certificates"
Write-Host "`nTo use this file with curl and tools depending on libcurl:"
Write-Host " export CURL_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt"
Write-Host "`nTo use this file with Node.js' npm:"
# npm's 'cafile' option takes a path; 'ca' expects the PEM text itself
Write-Host " npm config set cafile /usr/local/share/ca-certificates/$($OutputFile)"
Write-Host "`nTo use this file with Python's pip:"
Write-Host " pip config set global.cert /usr/local/share/ca-certificates/$($OutputFile)"
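
Added example, not part of the gist or its author's code: a POSIX shell check to run inside WSL2 on the exported file before copying it into /usr/local/share/ca-certificates/. It assumes openssl is installed and that the expected SHA-1 thumbprint comes from a separate source (the Windows certificate manager or your security team); the function names are hypothetical.

```shell
#!/bin/sh
# Added example (assumptions: openssl present, function names made up here).
# Usage after sourcing this file:
#   verify_exported_ca <exported-file.crt> <expected-thumbprint>

# Print the SHA-1 fingerprint as bare upper-case hex, the same form as the
# Thumbprint property shown in the Windows certificate store.
cert_thumbprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha1 2>/dev/null |
        sed -e 's/^.*=//' -e 's/://g' | tr 'a-f' 'A-F'
}

verify_exported_ca() {
    file=$1
    # Normalise the expected value: drop spaces, colons and line ends.
    expected=$(printf '%s' "$2" | tr -d ' :\r\n' | tr 'a-f' 'A-F')

    [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }

    # The file written by the script should hold exactly one certificate.
    blocks=$(grep -c -e '-----BEGIN CERTIFICATE-----' "$file" || true)
    [ "$blocks" -eq 1 ] ||
        { echo "expected 1 certificate, found $blocks" >&2; return 3; }

    # Empty output means openssl could not parse the file.
    actual=$(cert_thumbprint "$file")
    [ -n "$actual" ] || { echo "openssl cannot parse $file" >&2; return 4; }

    # A wildcard subject match can export the wrong certificate; the
    # thumbprint comparison catches that before it becomes a trust anchor.
    if [ "$actual" != "$expected" ]; then
        echo "thumbprint mismatch: file has $actual" >&2
        return 5
    fi

    # A root used by a TLS-inspecting proxy must be marked as a CA.
    openssl x509 -in "$file" -noout -text 2>/dev/null | grep -q 'CA:TRUE' ||
        { echo "certificate is not marked CA:TRUE" >&2; return 6; }

    echo "OK: $file matches $expected"
}
```

Run `sudo update-ca-certificates` only after the check prints OK.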