@pakrym
Last active October 14, 2016 18:31
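# Creates a self-signed certificate, registers it as the credential of a new
# Azure AD application, and grants that application's service principal
# access to a Key Vault.
# Requires the AzureRM PowerShell module and the Windows 8.1 SDK tools
# (makecert, pvk2pfx) at the paths used below.
param($appName, $keyName, $pass, $keyvault)
$ErrorActionPreference = "Stop"

# Remove key material left over from a previous run.
foreach ($ext in "pvk", "cer", "pfx")
{
    if (Test-Path "$keyName.$ext")
    {
        Remove-Item "$keyName.$ext"
    }
}

# -r: self-signed; -sv: write the private key to a .pvk file; -n: subject name;
# -b / -e: start and end of the validity period (fixed dates).
& "c:\Program Files (x86)\Windows Kits\8.1\bin\x64\makecert.exe" -sv "$keyName.pvk" -n "cn=$appName" "$keyName.cer" -b 08/25/2016 -e 08/25/2018 -r

# Bundle the private key and certificate into a PFX protected with $pass.
& "c:\Program Files (x86)\Windows Kits\8.1\bin\x64\pvk2pfx" -pvk "$keyName.pvk" -spc "$keyName.cer" -pfx "$keyName.pfx" -po $pass

# Load the public certificate. Only its raw data, base64-encoded, is uploaded
# to Azure AD; the private key stays in the local .pvk and .pfx files.
$fullCertName = Resolve-Path "$keyName.cer"
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate($fullCertName, $pass)
$keyValue = [System.Convert]::ToBase64String($cert.GetRawCertData())
$startDate = $cert.GetEffectiveDateString()
$endDate = $cert.GetExpirationDateString()

# Register the application with the certificate as its credential and print
# the application id.
$adapp = New-AzureRmADApplication -DisplayName "$appName" -HomePage "http://$appName" -IdentifierUris "http://$appName" -KeyValue $keyValue -KeyType "AsymmetricX509Cert" -KeyUsage "Verify" -StartDate $startDate -EndDate $endDate
Write-Host $adapp.ApplicationId

# Create the service principal and grant it key operations plus read access
# to secrets in the vault.
$sp = New-AzureRmADServicePrincipal -ApplicationId $adapp.ApplicationId
Set-AzureRmKeyVaultAccessPolicy -VaultName $keyvault -ServicePrincipalName $sp.ServicePrincipalName -PermissionsToKeys encrypt,decrypt,sign,wrapKey,unwrapKey -PermissionsToSecrets get,list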