
@tmeckel
Last active June 2, 2019 16:01
Windows: Create new Server Certificate

Create a new Server Certificate

Prerequisite: https://github.com/FiloSottile/mkcert

$env:CAROOT = Join-Path $PSScriptRoot 'CA'
<#
mkcert creates the directory if it does not exist

if (-not (Test-Path $env:CAROOT)) {
    New-Item -ItemType Directory -Path $env:CAROOT -ErrorAction:Stop
}
#>
$cmdMkCert = Join-Path -Path $PSScriptRoot -ChildPath "mkcert*" -Resolve -ErrorAction:Stop
$ipProps = [System.Net.NetworkInformation.IPGlobalProperties]::GetIPGlobalProperties()
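$authList = [System.Collections.ArrayList]@(
    $ipProps.HostName
)
if ($ipProps.DomainName) {
    # Use Add() rather than +=: += would replace the ArrayList with a fixed-size array
    [void]$authList.Add("*.$($ipProps.DomainName)")
}
# Add each unicast address as its own entry; skip scoped addresses (containing '%')
$addresses = @([System.Net.NetworkInformation.NetworkInterface]::GetAllNetworkInterfaces() `
    | ForEach-Object { $_.GetIPProperties().UnicastAddresses.Address.IPAddressToString } `
    | Where-Object { $_ -and $_ -notlike '*%*' })
$authList.AddRange($addresses)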

$argv = @(
    '-pkcs12' # The generated pkcs file will match '$Hostname+<NumberOfHostnamesAsideHostname>.p12'
)
$argv += $authList

& $cmdMkCert @argv

& $cmdMkCert -install

$password = ConvertTo-SecureString -AsPlainText -String 'changeit' -Force
Get-ChildItem -Path $PSScriptRoot `
    | Where-Object { $_.Name -match "$($ipProps.HostName)\+[0-9]+\.p12" } `
    | ForEach-Object {
        Import-PfxCertificate `
            -Exportable `
            -Password $password `
            -FilePath $_.FullName `
            -CertStoreLocation Cert:\LocalMachine\My
    }
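
A post-import check, added here as an example and not part of the original gist: it lists the certificates in `Cert:\LocalMachine\My` whose Subject Alternative Name mentions the host name, and reports whether each one has a private key and chains to a trusted root for the account running the check. The function name `Test-ImportedServerCertificate` is hypothetical.

```powershell
function Test-ImportedServerCertificate {
    param(
        # Host name to look for in the SAN; defaults to the name the script above passes to mkcert
        [string]$HostName = [System.Net.NetworkInformation.IPGlobalProperties]::GetIPGlobalProperties().HostName,
        [string]$StorePath = 'Cert:\LocalMachine\My'
    )

    Get-ChildItem -Path $StorePath | ForEach-Object {
        $cert = $_

        # Subject Alternative Name extension (OID 2.5.29.17), formatted on one line
        $sanExt = $cert.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
        $san = if ($sanExt) { $sanExt.Format($false) } else { '' }
        if ($san -notlike "*$HostName*") { return }   # not a certificate for this host

        # Build the chain without revocation checking; the result reflects the
        # trust stores visible to the account running this function.
        $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
        $chain.ChainPolicy.RevocationMode =
            [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
        $trusted = $chain.Build($cert)
        $status  = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '
        $chain.Reset()

        [pscustomobject]@{
            Thumbprint    = $cert.Thumbprint
            Issuer        = $cert.Issuer
            NotAfter      = $cert.NotAfter
            HasPrivateKey = $cert.HasPrivateKey
            SAN           = $san
            ChainTrusted  = $trusted
            ChainStatus   = $status
        }
    }
}

Test-ImportedServerCertificate | Format-List
```

A row with `ChainTrusted` set to `False` means the mkcert root is not trusted in that account's context; `ChainStatus` names the reason.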