Win8.1 and Win2012 use PowerShell to quickly generate/install/export a Self-Signed Certificate (Self-Signed Certificate) tutorial

Source: Internet
Author: User
Tags pfx file

Self-signed certificates are widely used for testing, development, and use on local or cloud websites (such as Microsoft Azure Web Site. This article describes how to use PowerShell to quickly generate a self-signed certificate on Win8.1 and Win2012 R2, automatically export the private key, and automatically install it under LocalMachineMy and LocalMachineRoot. Easy to use. [Here is the complete script download link CodePlex or GitHub]

Currently, the methods for creating Self-Signed certificates include MakeCert and CertMgr, SelfSSL or SelfSSL7, built-in functions of IIS 7/8, or complicated PowerShell scripts. these methods require you to remember the complex parameters of multiple command lines, or perform manual UI operations, or have a deep understanding of the detailed logic of certificate generation. The script method here is to use the Powershell PKI Cmdlet that comes with the new system. You only need to tell the most basic certificate Subject, private key to protect the password, and export the private key path:

GenerateSelfSignedCert www.mytest.com MyTestPassword c: tempmytest. pfx

The functions used are defined as follows:

 

<#

. DESCRIPTION

SelfSignedCertificate AutoScript

. NOTES

Author: Freist Li

Last Updated: 10/30/2014

#>

# Cert Genearation Related Functions

#*************************************** **************************************** *************************************

# Create Cert, install Cert to My, install Cert to Root, Export Cert as pfx

Function GenerateSelfSignedCert {

Param (

$ Certcn,

$ Password,

$ Certfilepath

)

# Check if the certificate name was used before

$ ThumbprintA = (dir cert: localmachineMy-recurse | where {$ _. Subject-match "CN =" + $ certcn} | Select-Object-Last 1). thumbprint

If ($ thumbprintA. Length-gt 0)

{

Write-Host "Duplicated Cert Name used"-ForegroundColor Cyan

Return

}

Else

{

$ ThumbprintA = New-SelfSignedCertificate-DnsName $ certcn-CertStoreLocation cert: LocalMachineMy | ForEach-Object {$ _. Thumbprint}

}

# If generated successfully

If ($ thumbprintA. Length-gt 0)

{

# Query the new installed cerificate again

$ ThumbprintB = (dir cert: localmachineMy-recurse | where {$ _. Subject-match "CN =" + $ certcn} | Select-Object-Last 1). thumbprint

# If new cert installed sucessfully with the same thumbprint

If ($ thumbprintA-eq $ thumbprintB)

{

$ Message = $ certcn + "installed into LocalMachineMy successfully with thumprint" + $ thumbprintA

Write-Host $ message-ForegroundColor Cyan

$ Mypwd = convertid-SecureString-String $ password-Force-AsPlainText

Write-Host "Exporting Certificate as. pfx file"-ForegroundColor Cyan

Export-PfxCertificate-FilePath $ certfilepath-Cert cert: localmachineMy $ thumbprintA-Password $ mypwd

Write-Host "Importing Certificate to LocalMachineRoot"-ForegroundColor Cyan

Import-PfxCertificate-FilePath $ certfilepath-Password $ mypwd-CertStoreLocation cert: LocalMachineRoot

}

Else

{

Write-Host "Thumbprint is not the same between new cert and installed cert."-ForegroundColor Cyan

}

}

Else

{

$ Message = $ certcn + "is not created"

Write-Host $ message-ForegroundColor Cyan

}

}

 

After the certificate is generated and installed successfully, the PowerShell output is:

 

You can see in the Certificate Manager Console:

 

The generated. pfx files can be easily stored on the Web server or Microsoft AZure cloud:

 

Update:

Based on the above GenerateSelfSignedCert function, I used PowerShell to directly improve the UI and automatic script generation. In this way, a friendly Form window will pop up to generate the Code you want. You can run the Code or Copy Code immediately to another machine for execution (because you want to install the certificate, powerShell or PowerShell ISE is required as administrator ):

 

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.