12/7/2017 - 6:41 PM

Powershell Skript Create Selfsigned Certificate for Labs

Powershell Skrip Create Selfsigned Certificate for Labs

    Function New-LabCert creates a selfsigned computercertificate for lab environments
    This script creates a selfsigned computercertificate for lab environments. It is stored in cert:\localmachine\my
    and from there it is exported as a pfx-file to c:\. This file then gets imported in 'Trusted Roots' to make it trustworthy.
    Finally some cleanup is performed, e.g. the pfx-file will be deleted.
    Please consider to run it with the -verbose parameter to receive some informative output.
    This is the only but mandatory parameter. Please enter the DNSHostname of the machine you want this certificate for.
    This will become the CN of the certficate
    Execute New-LabCert.ps1 directly from shell with dot sourcing
    . .\New-LabCert.ps1
    New-LabCert -DNSName Value
    Author: Oliver Jäkel | oj@jaekel-edv.de | @JaekelEDV

#requires -Version 3.0 -Modules PKI

#region Parameter Section
Function New-LabCert {
    param (
        [Parameter(Mandatory=$true,HelpMessage='Enter DNSName of the Host')][string] $DNSName)
        [string] $certstorelocation = 'Cert:\LocalMachine\'
  #region Create the selfsigned Certificate
  New-SelfSignedCertificate -CertStoreLocation $certstorelocation\My -DnsName $DNSName
  Write-Verbose -Message "Creating Selfsigned Computer Certificate for $DNSName"

  #region Export the certificate to filesystem
  Set-Location -Path Cert:\LocalMachine\My
  $cert = Get-ChildItem -Path .\ | Where-Object -EQ -Property Subject -Value "cn=$DNSName"
  $thumbprint = ($cert).Thumbprint
  $pwd = ConvertTo-SecureString -String "Pa$$w0rd" -Force -AsPlainText
  Export-PfxCertificate -Cert $certstorelocation\My\$thumbprint -FilePath $env:HOMEDRIVE\$DNSName.pfx -Password $pwd
  Write-Verbose -Message "Export the Certificate to $env:HOMEDRIVE"

  #region Import the certificate to Trusted Root

  Import-PfxCertificate -FilePath $env:HOMEDRIVE\$DNSName.pfx -CertStoreLocation $certstorelocation\Root -Password $pwd
  Write-Verbose -Message 'Import the Certificate to Trusted Root'
  #region Cleanup
  Set-Location -Path $env:HOMEDRIVE
  Remove-Item -Path $env:HOMEDRIVE\$DNSName.pfx