Skip to content

Instantly share code, notes, and snippets.

@ridomin
Last active June 14, 2019 20:42
Show Gist options
  • Save ridomin/9f1dad25727bddd4a34b77a66b82c795 to your computer and use it in GitHub Desktop.
Save ridomin/9f1dad25727bddd4a34b77a66b82c795 to your computer and use it in GitHub Desktop.
CreateTestCertificateChain.ps1
$RootCACert= New-SelfSignedCertificate -KeyUsage KeyEncipherment, DataEncipherment, CertSign -HashAlgorithm SHA256 -KeyUsageProperty All -KeyLength 4096 -Subject "1TestRootCA" -FriendlyName "testRoot" -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -certstorelocation cert:\CurrentUser\My -dnsname "RidoITHub.azure-devices.net" -TextExtension @("2.5.29.19 ={text}ca=1&pathlength=3")
$IMCACert = New-SelfSignedCertificate -KeyUsage KeyEncipherment, DataEncipherment, CertSign -HashAlgorithm SHA256 -KeyUsageProperty All -KeyLength 4096 -Subject "1TestSubCA01" -FriendlyName "SubCA-01" -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -certstorelocation cert:\CurrentUser\my -dnsname "RidoITHub.azure-devices.net" -TextExtension @("2.5.29.19 ={text}ca=1&pathlength=0") -Signer $RootCACert
$TestCert = New-SelfSignedCertificate -KeyUsage KeyEncipherment, DataEncipherment -HashAlgorithm SHA256 -KeyUsageProperty All -KeyLength 4096 -Subject "1test-device01" -FriendlyName "Test-Device-01" -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -certstorelocation cert:\CurrentUser\my -dnsname "RidoITHub.azure-devices.net" -Signer $IMCACert
$RootCACert
$IMCACert
$TestCert
Export-Certificate -Cert $RootCACert -FilePath 1TestRootCA.cer -Type CERT
Export-Certificate -Cert $IMCACert -FilePath 1TestSubCA.cer -Type CERT
Export-Certificate -Cert $TestCert -FilePath 1TestDevice1.cer -Type CERT
$mypwd = ConvertTo-SecureString -String "1234" -Force -AsPlainText
Export-PfxCertificate -Cert $RootCACert -FilePath 1TestRootCA.pfx -Password $mypwd
Export-PfxCertificate -Cert $IMCACert -FilePath 1TestSubCA.pfx -Password $mypwd
Export-PfxCertificate -Cert $TestCert -FilePath 1TestDevice1.pfx -Password $mypwd
Import-Certificate -FilePath 1TestRootCA.cer -CertStoreLocation Cert:\LocalMachine\Root
$subca = gci cert:\CurrentUser\My\DE2045EB8567FDE12D64DB026F89CCB5F41CE9AC
$EdgeDeviceCert = New-SelfSignedCertificate -KeyUsage KeyEncipherment, DataEncipherment, CertSign -HashAlgorithm SHA256 -KeyUsageProperty All -KeyLength 4096 -Subject "rido-iotedge" -FriendlyName "rido-iotEdge" -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -certstorelocation cert:\CurrentUser\my -Signer $subca
Export-Certificate -Cert $EdgeDeviceCert -FilePath rido-iotedge.cer -Type CERT
Export-PfxCertificate -Cert $EdgeDeviceCert -FilePath rido-iotedge.pfx -Password $pwd
@ridomin
Copy link
Author

ridomin commented Jun 7, 2019

-----BEGIN CERTIFICATE-----
MIIFRDCCAyygAwIBAgIQTi8w3Rk1f4pJBJQQgcm7BTANBgkqhkiG9w0BAQsFADAW
MRQwEgYDVQQDDAsxVGVzdFJvb3RDQTAeFw0xOTA2MDcwNjI3MjdaFw0yMDA2MDcw
NjQ3MjdaMBYxFDASBgNVBAMMCzFUZXN0Um9vdENBMIICIjANBgkqhkiG9w0BAQEF
AAOCAg8AMIICCgKCAgEAwACtUJrcQZyWeh/I8Cb8ivo7uB5oFXbgj2RYHM/44emN
pXv8INlGHgpOZRjeC7rUZag7tR5qWCuCaEOd/rcBdOQgvSJIY64dCzjjdbB+1/Q7
xkO61AIBhI1NUDzW37RjLAsHUjT/cx6uXokQMSPW8CIxFz2wg+Uex6ujRgv2iZGw
VcopRrYZ/3HK2z8jPFgOUEUjH1bnImgLHEKfKtUhE6adMfrZ8N4ZqLNqIlpwNwv0
+rZ2WZ0eIxSq+K/XaOwOzRdaHAAWsO/Ht3/Ka2Z2dDUrxhju/AiB4uN95dGuXrCx
/OpIs75WkYMXb3vUfwnjmRs09h9z3uXsd76hBfW/vBZmcg7uGkEJghKVyp/jwGpu
MArbvZoKIZYw3Y/46kvWCkZtyggYGJ/1YppVlkwgaI0tMqbEhWXgSg6s6YCmjE0N
sFiaEopXsSTZAxcBu2m6Wk6807XauJt41yCCgtOnRuNJ8X9tzilGfw6SwkcT2GHU
/QOGlPHbwdlLfO2PqNFJ5WZhR3pZW+W3wWPIo8Qj6Xln7X3+0XhRS37a2F1l+NNm
A86/dj4Fi0v+aMWG035u/Igun3uy77gCvfpJGlwGqokDXkCHO9di9ViMaCeltNfI
/NrSqgTch59petRWAXK5LDaQZ9oFwEzo6/6Dr4fVL2JV6snTEBI6wLG80B+u34kC
AwEAAaOBjTCBijAOBgNVHQ8BAf8EBAMCAjQwHQYDVR0lBBYwFAYIKwYBBQUHAwIG
CCsGAQUFBwMBMCYGA1UdEQQfMB2CG1JpZG9JVEh1Yi5henVyZS1kZXZpY2VzLm5l
dDASBgNVHRMBAf8ECDAGAQH/AgEDMB0GA1UdDgQWBBQ+S/Iecary/F3FrcHQK0JW
1NU+VTANBgkqhkiG9w0BAQsFAAOCAgEAi1Sggg6IB+8hkXQnYPNGYwMt7euteR2K
np4PYkp+diVsa2ANAFWJgYTozSntYcLwi8L6WnTCvtR+G4vRXYw8AhT74EbEgRHS
hEkStZ5j5Krw/Gr/a/yKf6VkHGDzYuqeItYrJ5zReiEa7ss/ShA51msQkZuQ/LHQ
bJ1hM5hEbpq/WutbyznfIBh0s4YgGMj9NHGgEQXukLH7sxGNc8zypYOz0+qCAIw/
xgAcgLx0S/5UjMDjewHM+thGoC/rxjNxRvnG31fxc+DfmOfGjdcVqXBQU2nAvgfv
qYPD++LVe9rsPxBM17h/G5TIU7Nmm3nlH83Um4SRv4fMcfAStaKx/6/ehmQvja5c
RGY7cjFe0Ey9qI+GUoE+GiiUmgfwXq0sCLTq6zMRVgbLMfXC/5JNHl6G+Gu+N0b8
veO5EMr7wSBSnoHMF8KAT18qdJo4OwUpi34eH95cOGFTj/0gNy010IAuLXi//ZyS
TJvYEaspXCAsLGi22AnETb24/4txzEy0duKmsxsS6tC1YFj5Nn1CHWctM150IKb0
Fm1l6xcx1UNJUPj1XghrW96BK4TVHHhOZLhU9PtrC/65qPA7LIJUmtxnSNJLCTuL
/OfQSmRC6BNkdEcps0SWTw92yvuCVS0CSW2xuLhb8ENB6JfkwAO3cfXX3wFyuhL7
Ir6Yc4ufJSU=
-----END CERTIFICATE-----

@ridomin
Copy link
Author

ridomin commented Jun 7, 2019

Test Device

-----BEGIN CERTIFICATE-----
MIIFVTCCAz2gAwIBAgIQKoSmSGRue55KCzabzXGCPzANBgkqhkiG9w0BAQsFADAX
MRUwEwYDVQQDDAwxVGVzdFN1YkNBMDEwHhcNMTkwNjA3MDYyNzI5WhcNMjAwNjA3
MDY0NzI3WjAZMRcwFQYDVQQDDA4xdGVzdC1kZXZpY2UwMTCCAiIwDQYJKoZIhvcN
AQEBBQADggIPADCCAgoCggIBAL6WaSk6gf82c+zMQmpJDx4CYi7mGWiiUfn5/05+
eg6yT8FWfNIf344VDvIPoR/EPvlglleAUTj5n8fMQPNx403/tAluvM5olI1RdC9/
wgI3+WjwwKseMxvNqBzIZkICjGKZ5DweHlfjudRxTPiINdDNXM/uyPgHzJEqVoIg
VEvRkG+BTlIWj8YDmTrz4/hE50Rx5anWPEIn7RXAydVlXE5xPAxnV83a3Duqcgap
PiVYJs293u+CCPVCXsSQY1TsmrWGXlh0+5zePpmMuAQ+jV2OA9KPAVlAa0/IuM5V
FQBwCFdRAH+79E3q7gQBXRm4DatO+iT83WQCwXbGo3HNwibPEuwwNENzKhS9Tzjl
Cud5Ld6olb2wvVEFrTPC38YeKZY2VTj3oE3xQMDDhv+x/RfS5rdD3bD6hEQ8Oe92
CIw5vfCWoeR63shr3mURRQg/AFvTOUX5OsNgAwtr4ghgrQGgwf9u2w8gvoExiKWy
/VvFjzMcTZ2x2VvxFL3kZ6vKiH0o2fWbOHMYyQw6AZzFB1Shyvc9oiTqCyg3na4A
Hdws1m56t5K4S6RTfXNByRuoodnGP5oScacqfjujWFjJnZRObr9o8vZKRf8dkQdP
9TbCwyILc3D2GAh8A0e8ShvTtcB7F1k5eRjdl+8Z4QX9yLLoXerN/nm+2A0AU7il
ykrFAgMBAAGjgZowgZcwDgYDVR0PAQH/BAQDAgQwMB0GA1UdJQQWMBQGCCsGAQUF
BwMCBggrBgEFBQcDATAmBgNVHREEHzAdghtSaWRvSVRIdWIuYXp1cmUtZGV2aWNl
cy5uZXQwHwYDVR0jBBgwFoAUUAqtFNgJ9h9/ffTl78CEIwD71i8wHQYDVR0OBBYE
FG8xHo9402V35IRDpSB1U1H1hirbMA0GCSqGSIb3DQEBCwUAA4ICAQADwyQwgJyC
G8XeQfSIvj5JdiLMd4MAtlU5AobiTm99Roq8Nf3cZBbtkQl3EiJVh+KTmOa2UUmC
qazJ77Q54KoH71qaYHCzWqZApbVfUrEtGKUiZaYZdeM0DvwvhjbuB7aOHtFx7ZJB
8OVd+3zmOA2X51zzwUUwsj7sh5FwS/4EJXzz/WWo6hx3vZ4Ow+B6Ydu2AFs8MiKz
3jlenyO/XMXYDJ2KYzhlSzQdvyjsb0xE8f6M9toplDqywWlfqUwErqrA3WxTcIQr
VGi+8YJm2jIgPKWNc4HlMCJfil93loCY+KzCk4IRipS/mXlEW1YytBddCjI3Okkn
/wizAx89C3WgzAxcV9HihIz/Y1/iHXVsbdZUtBcUWGzp+jdeNlQIkuR7FN1EJSEQ
NHl/VgXwzvz0zEpU/9Jylpw0bT+Wh49moyMe2fI0Nji5jqpchLNEBQgi6MHBtvOW
ey2AyOZqV/7S7kUG5ZrbSl5ZApEdWklavDykvP37mNc5szRyHy1biIwkE7WjUHqj
xvgOStARXMU0hrymKdB4diI34a0g8CPpKeKDpwoOaW9PSkDS4zGDoa94vy3s3PHc
MaXTOcfjW4qVhz5iPmQw/C9OI38i2Rqiiz25Zo/5KL1CImBMgNVjl01EzvrHDvU4
Vd0j7p3teGlZA9fO8vcvfzt9h6IHYnAQVQ==
-----END CERTIFICATE-----

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment