JaekelEDV
12/7/2017 - 6:41 PM

Powershell Skript Create Selfsigned Certificate for Labs

Powershell Skrip Create Selfsigned Certificate for Labs

New-LabCert.ps1
content_copyfile_download
<# 
.SYNOPSIS 
    Function New-LabCert creates a selfsigned computercertificate for lab environments
.DESCRIPTION 
    This script creates a selfsigned computercertificate for lab environments. It is stored in cert:\localmachine\my
    and from there it is exported as a pfx-file to c:\. This file then gets imported in 'Trusted Roots' to make it trustworthy.
    Finally some cleanup is performed, e.g. the pfx-file will be deleted.
    Please consider to run it with the -verbose parameter to receive some informative output.
.PARAMETER DNSName
    This is the only but mandatory parameter. Please enter the DNSHostname of the machine you want this certificate for.
    This will become the CN of the certficate
.EXAMPLE
    Execute New-LabCert.ps1 directly from shell with dot sourcing
    . .\New-LabCert.ps1
    New-LabCert -DNSName Value
.NOTES 
    Author: Oliver Jäkel | oj@jaekel-edv.de | @JaekelEDV
#>

#requires -Version 3.0 -Modules PKI

#region Parameter Section
Function New-LabCert {
   [CmdletBinding()]
    param (
        [Parameter(Mandatory=$true,HelpMessage='Enter DNSName of the Host')][string] $DNSName)
        [string] $certstorelocation = 'Cert:\LocalMachine\'
    #endregion
  
  #region Create the selfsigned Certificate
  
  New-SelfSignedCertificate -CertStoreLocation $certstorelocation\My -DnsName $DNSName
  Write-Verbose -Message "Creating Selfsigned Computer Certificate for $DNSName"
  #endregion

  #region Export the certificate to filesystem
  
  Set-Location -Path Cert:\LocalMachine\My
  $cert = Get-ChildItem -Path .\ | Where-Object -EQ -Property Subject -Value "cn=$DNSName"
  $thumbprint = ($cert).Thumbprint
  
  $pwd = ConvertTo-SecureString -String "Pa$$w0rd" -Force -AsPlainText
  Export-PfxCertificate -Cert $certstorelocation\My\$thumbprint -FilePath $env:HOMEDRIVE\$DNSName.pfx -Password $pwd
  Write-Verbose -Message "Export the Certificate to $env:HOMEDRIVE"
  #endregion

  #region Import the certificate to Trusted Root

  Import-PfxCertificate -FilePath $env:HOMEDRIVE\$DNSName.pfx -CertStoreLocation $certstorelocation\Root -Password $pwd
  Write-Verbose -Message 'Import the Certificate to Trusted Root'
  #endregion
  
  #region Cleanup
    
  Set-Location -Path $env:HOMEDRIVE
  Remove-Item -Path $env:HOMEDRIVE\$DNSName.pfx
  #endregion
}