Created
October 24, 2012 20:23
-
-
Save codingoutloud/3948621 to your computer and use it in GitHub Desktop.
Generate a self-signed certificate (*.cer) useful for use with the Windows Azure Service Management API. Optionally create Private Key (*pvk) and Personal Information Exchange (*.pfx) files.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@echo off | |
rem - Generate a self-signed certificate (*.cer) useful for use with the Windows Azure Service Management API. | |
rem - Optionally create Private Key (*pvk) and Personal Information Exchange (*.pfx) files. | |
rem - A more advanced version of https://gist.github.com/3767941 | |
rem - Assumes the makecert.exe and pvk2pfx.exe are available in your path on Windows. | |
rem - SOURCE: https://gist.github.com/3948621 | |
if .%1.==.. goto USAGE | |
if .%2.==.. goto USAGE | |
if "%3"=="-private" goto PRIVATE | |
makecert.exe -r -pe -n %1 -ss My -sky exchange -sp "Microsoft Enhanced RSA and AES Cryptographic Provider" -sy 24 %2.cer | |
goto END | |
:PRIVATE | |
if .%4.==.. goto USAGE | |
rem TODO: The -l (link) option should be parameterized | |
rem This value shows up under SpcSpAgencyInfo property and also specifies the URL that the Issuer Statement | |
rem button will take you to in the Certificate dialog box on Windows | |
set LINK=www.devpartners.com | |
set EXPIRATION=12/31/2050 | |
makecert.exe -l %LINK% -e %EXPIRATION% -r -pe -n %1 -ss My -sky exchange -sp "Microsoft Enhanced RSA and AES Cryptographic Provider" -sy 24 -sv %2.pvk %2.cer | |
rem Can leave off the -po (password) option, but not -pi (password) | |
pvk2pfx -pvk %2.pvk -pi %4 -spc %2.cer -pfx %2.pfx -f | |
goto END | |
:USAGE | |
echo. | |
echo USAGE: | |
echo. | |
echo make-waz-management-cert COMMON-NAME-STRING FILESPEC-WITHOUT-EXTENSION [-private PASSWORD] | |
echo Use of the optional -private parameter will result in several prompts for a password (NOTE: USE THE | |
echo SAME ONE EACH TIME including for the one passed in on command line) and will create the following: | |
echo FILESPEC-WITHOUT-EXTENSION.cer | |
echo FILESPEC-WITHOUT-EXTENSION.pvk | |
echo FILESPEC-WITHOUT-EXTENSION.pfx | |
echo. | |
echo EXAMPLE: | |
echo. | |
echo %0 "CN=WAZ Mgmt, O=DevPartners, OU=Bill Wilder, L=Boston, S=Massachusetts, C=US" billw-waz-mgmt | |
echo. | |
echo RESULTS IN: | |
echo. | |
echo makecert.exe -r -pe -n "CN=WAZ Mgmt (Bill Wilder)" -ss My -sky exchange -sp "Microsoft Enhanced RSA and AES Cryptographic Provider" -sy 24 billw-azure-mgmt.cer | |
echo. | |
echo To include the local machine name as part of your certificate name, change the first parameter to something like: | |
echo "CN=WAZ Mgmt, O=%%COMPUTERNAME%%" | |
echo Note that the local machine name is less useful when the full certificate (private key) is being shared across multiple | |
echo machines (so they can all publish with the same credentials) since the "local" machine name is no longer correct (or meaningful). | |
echo. | |
:END |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment