ridomin/CreateTestCertificateChain.ps1

## CreateTestCertificateChain.ps1
$RootCACert= New-SelfSignedCertificate -KeyUsage KeyEncipherment, DataEncipherment, CertSign -HashAlgorithm SHA256 -KeyUsageProperty All -KeyLength 4096 -Subject "1TestRootCA" -FriendlyName "testRoot"  -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -certstorelocation cert:\CurrentUser\My -dnsname "RidoITHub.azure-devices.net" -TextExtension @("2.5.29.19 ={text}ca=1&pathlength=3")
$IMCACert  = New-SelfSignedCertificate -KeyUsage KeyEncipherment, DataEncipherment, CertSign -HashAlgorithm SHA256 -KeyUsageProperty All -KeyLength 4096 -Subject "1TestSubCA01" -FriendlyName "SubCA-01"  -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -certstorelocation cert:\CurrentUser\my -dnsname "RidoITHub.azure-devices.net" -TextExtension @("2.5.29.19 ={text}ca=1&pathlength=0") -Signer $RootCACert
$TestCert  = New-SelfSignedCertificate -KeyUsage KeyEncipherment, DataEncipherment           -HashAlgorithm SHA256 -KeyUsageProperty All -KeyLength 4096 -Subject "1test-device01"  -FriendlyName "Test-Device-01" -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -certstorelocation cert:\CurrentUser\my -dnsname "RidoITHub.azure-devices.net" -Signer $IMCACert

$RootCACert
$IMCACert
$TestCert

Export-Certificate -Cert $RootCACert -FilePath 1TestRootCA.cer -Type CERT
Export-Certificate -Cert $IMCACert -FilePath 1TestSubCA.cer -Type CERT
Export-Certificate -Cert $TestCert -FilePath 1TestDevice1.cer -Type CERT


$mypwd = ConvertTo-SecureString -String "1234" -Force -AsPlainText
Export-PfxCertificate -Cert $RootCACert -FilePath  1TestRootCA.pfx -Password $mypwd
Export-PfxCertificate -Cert $IMCACert -FilePath 1TestSubCA.pfx -Password $mypwd
Export-PfxCertificate -Cert $TestCert -FilePath 1TestDevice1.pfx -Password $mypwd

Import-Certificate -FilePath 1TestRootCA.cer -CertStoreLocation Cert:\LocalMachine\Root

## signDeviceCert.ps1
$subca = gci cert:\CurrentUser\My\DE2045EB8567FDE12D64DB026F89CCB5F41CE9AC
$EdgeDeviceCert  = New-SelfSignedCertificate -KeyUsage KeyEncipherment, DataEncipherment, CertSign -HashAlgorithm SHA256 -KeyUsageProperty All -KeyLength 4096 -Subject "rido-iotedge"  -FriendlyName "rido-iotEdge" -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -certstorelocation cert:\CurrentUser\my  -Signer $subca
Export-Certificate -Cert $EdgeDeviceCert -FilePath rido-iotedge.cer -Type CERT
Export-PfxCertificate -Cert $EdgeDeviceCert -FilePath rido-iotedge.pfx -Password $pwd
	$RootCACert= New-SelfSignedCertificate -KeyUsage KeyEncipherment, DataEncipherment, CertSign -HashAlgorithm SHA256 -KeyUsageProperty All -KeyLength 4096 -Subject "1TestRootCA" -FriendlyName "testRoot" -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -certstorelocation cert:\CurrentUser\My -dnsname "RidoITHub.azure-devices.net" -TextExtension @("2.5.29.19 ={text}ca=1&pathlength=3")
	$IMCACert = New-SelfSignedCertificate -KeyUsage KeyEncipherment, DataEncipherment, CertSign -HashAlgorithm SHA256 -KeyUsageProperty All -KeyLength 4096 -Subject "1TestSubCA01" -FriendlyName "SubCA-01" -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -certstorelocation cert:\CurrentUser\my -dnsname "RidoITHub.azure-devices.net" -TextExtension @("2.5.29.19 ={text}ca=1&pathlength=0") -Signer $RootCACert
	$TestCert = New-SelfSignedCertificate -KeyUsage KeyEncipherment, DataEncipherment -HashAlgorithm SHA256 -KeyUsageProperty All -KeyLength 4096 -Subject "1test-device01" -FriendlyName "Test-Device-01" -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -certstorelocation cert:\CurrentUser\my -dnsname "RidoITHub.azure-devices.net" -Signer $IMCACert

	$RootCACert
	$IMCACert
	$TestCert

	Export-Certificate -Cert $RootCACert -FilePath 1TestRootCA.cer -Type CERT
	Export-Certificate -Cert $IMCACert -FilePath 1TestSubCA.cer -Type CERT
	Export-Certificate -Cert $TestCert -FilePath 1TestDevice1.cer -Type CERT


	$mypwd = ConvertTo-SecureString -String "1234" -Force -AsPlainText
	Export-PfxCertificate -Cert $RootCACert -FilePath 1TestRootCA.pfx -Password $mypwd
	Export-PfxCertificate -Cert $IMCACert -FilePath 1TestSubCA.pfx -Password $mypwd
	Export-PfxCertificate -Cert $TestCert -FilePath 1TestDevice1.pfx -Password $mypwd

	Import-Certificate -FilePath 1TestRootCA.cer -CertStoreLocation Cert:\LocalMachine\Root
	$subca = gci cert:\CurrentUser\My\DE2045EB8567FDE12D64DB026F89CCB5F41CE9AC
	$EdgeDeviceCert = New-SelfSignedCertificate -KeyUsage KeyEncipherment, DataEncipherment, CertSign -HashAlgorithm SHA256 -KeyUsageProperty All -KeyLength 4096 -Subject "rido-iotedge" -FriendlyName "rido-iotEdge" -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -certstorelocation cert:\CurrentUser\my -Signer $subca
	Export-Certificate -Cert $EdgeDeviceCert -FilePath rido-iotedge.cer -Type CERT
	Export-PfxCertificate -Cert $EdgeDeviceCert -FilePath rido-iotedge.pfx -Password $pwd