Skip to content

Instantly share code, notes, and snippets.

@marckean
Last active June 7, 2022 06:31
Show Gist options
  • Save marckean/71b173a28c16a87c7db5a0acd74f065f to your computer and use it in GitHub Desktop.
Save marckean/71b173a28c16a87c7db5a0acd74f065f to your computer and use it in GitHub Desktop.
$RadiusServer_FQDN = "WP-DC-01.wp.local"
$RadiusServer_Extension = "IP security IKE intermediate"
$CertStoreRootPath = 'LocalMachine'
$RootCertStore = "Cert:\$CertStoreRootPath\My"
$RadiusServer_Extension1 = "Server Authentication"
$RadiusServer_Extension2 = "Client Authentication"
$VPNServer_Extension1 = 'IP security IKE intermediate'
## Radius Server
$RadiusCertificate = Get-ChildItem -Path $RootCertStore `
| where {$_.EnhancedKeyUsageList.FriendlyName -eq $RadiusServer_Extension1 -and `
$_.EnhancedKeyUsageList.FriendlyName -eq $RadiusServer_Extension2 -and `
$_.subject -match $RadiusServer_FQDN}
$base64certificateB64 = @"
-----BEGIN CERTIFICATE-----
$([Convert]::ToBase64String($RadiusCertificate.Export('Cert'), [System.Base64FormattingOptions]::InsertLineBreaks))
-----END CERTIFICATE-----
"@
############################
# RADIUS SERVER CERTIFICATE NAME
$RadiusCertificate.subject | clip
# RADIUS SERVER PUBLIC CERTIFICATE DATA (Base64)
$base64certificateB64 | clip
############################
# RADIUS CLIENT CERTIFICATE NAME (VPN Server)
(Get-ChildItem -Path $RootCertStore | where {$_.EnhancedKeyUsageList.FriendlyName -eq $VPNServer_Extension1}).subject | clip
# RADIUS CLIENT THUMBPRINT (VPN Server)
(Get-ChildItem -Path $RootCertStore | where {$_.EnhancedKeyUsageList.FriendlyName -eq $VPNServer_Extension1}).Thumbprint | clip
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment