How to use PowerShell to quickly generate, install, and derive a signed certificate (self-signed Certificate) on Win8.1 and Win2012

Source: Internet
Author: User
Tags pfx file

Self-signed certificates are used in a wide range of applications, such as testing, development, local or cloud Web sites (such as Microsoft Azure Web site). This article describes a method for quickly generating a self-signed certificate using PowerShell on Win8.1 and Win2012 R2, automatically exporting the private key, and automatically installing it under Localmachine\my and Localmachine\root. Very easy to use.

For now, the methods we've created to create self-signed certificates include MakeCert and CertMgr, with SelfSSL or SelfSSL7, with IIS 7/8, or with more complex PowerShell scripts. These methods require remembering multiple command-line complex parameters, or manual UI operations, or a deeper understanding of the details logic generated by the certificate. The scripting method here is to use the PowerShell PKI Cmdlet that comes with the new system, just to tell the most basic certificate subject, the private key protection password, and the path to the private key to be exported:

Generateselfsignedcert www.mytest.com Mytestpassword c:\temp\mytest.pfx

The functions used are defined as follows

<# . DESCRIPTION selfsignedcertificate Autoscript. NOTES author:freist lilast Updated:10/30/2014#>#Cert genearation Related Functions#*********************************************************************************************************** *********#Create Cert, install Cert to My, install Cert to Root, Export Cert as PFXFunctiongenerateselfsignedcert{Param ($CERTCN,$password,$certfilepath)#Check If the certificate name was used before$thumbprintA= (dir cert:\localmachine\my-recurse | where {$_. Subject-match "cn="+$CERTCN} | Select-object-last 1). Thumbprintif($thumbprintA. Length-GT0) {Write-host"duplicated Cert Name used"-Foregroundcolor Cyanreturn}Else{$thumbprintA=new-selfsignedcertificate-dnsname$CERTCN-certstorelocation Cert:\localmachine\my |ForEach-object{$_. Thumbprint}}#If generated successfullyif($thumbprintA. Length-GT0) {#Query the new installed cerificate again$thumbprintB= (dir cert:\localmachine\my-recurse | where {$_. Subject-match "cn="+$CERTCN} | Select-object-last 1). Thumbprint#If new cert installed sucessfully with the same thumbprintif($thumbprintA -eq $thumbprintB ){$message=$CERTCN+"installed to localmachine\my successfully with Thumprint"+$thumbprintAWrite-host$message-Foregroundcolor Cyan$mypwd= Convertto-securestring-string$password-Force–§casplaintextwrite-host"exporting Certificate as. pfx file"-Foregroundcolor Cyanexport-pfxcertificate-filepath$certfilepath-cert cert:\localmachine\my\$thumbprintA-password$mypwdWrite-host"importing Certificate to Localmachine\root"-Foregroundcolor Cyanimport-pfxcertificate-filepath$certfilepath-password$mypwd-certstorelocation Cert:\localmachine\root}Else{Write-host"Thumbprint is not the same between new cert and installed cert."-foregroundcolor Cyan}}Else{$message=$CERTCN+"is not created"Write-host$message-foregroundcolor Cyan}}

After the certificate has been generated and successfully installed, the PowerShell output is:

You can see it in the certificate Manager Console:

For the resulting. pfx file, you can easily put it on a Web server or in Microsoft Azure cloud:

Here is a complete script download link for self-signed certificate generation and installation

How to use PowerShell to quickly generate, install, and derive a signed certificate (self-signed Certificate) on Win8.1 and Win2012

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.