Created
November 28, 2023 02:44
-
-
Save plambrechtsen/e622ec6805e92000695e925d2e31ee02 to your computer and use it in GitHub Desktop.
Generate Azure Self Signed Certificate for SAML
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Generate a 5 year self signed cert without KeyUsage, Subject Key Identifier and Enhanced Key Usage | |
| # As per: https://learn.microsoft.com/en-us/powershell/module/pki/new-selfsignedcertificate | |
| $Certificate=New-SelfSignedCertificate –Subject "SAML SSO Certificate" -CertStoreLocation Cert:\CurrentUser\My -KeyUsage None -KeyAlgorithm RSA -KeyLength 2048 -KeyExportPolicy Exportable -NotAfter (Get-Date).AddYears(5) -SuppressOid "2.5.29.14","2.5.29.37" | |
| # Exported DER binary public key file | |
| Export-Certificate -Cert $Certificate -FilePath ".\SSO.cer" | |
| # Exported PEM text format public key file | |
| $pemFileContent = @( | |
| '-----BEGIN CERTIFICATE-----' | |
| [System.Convert]::ToBase64String($Certificate.RawData, 'InsertLineBreaks') | |
| '-----END CERTIFICATE-----' | |
| ) | |
| $pemFileContent | Out-File -FilePath '.\SSO.pem' -Encoding ascii | |
| # Exported PKCS12/PFX private key with a password of "password" | |
| $Pwd = ConvertTo-SecureString -String "password" -Force -AsPlainText | |
| Export-PfxCertificate -Cert $Certificate -FilePath ".\SSO.pfx" -Password $Pwd |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment