如何在Win8.1和Win2012上运用PowerShell快速生成、安装、导出自签名证书 (Self-Signed Certificate)
2020-12-13 14:52
标签:des style blog http io color os ar 使用 自签名证书用途很广,测试,开发,本地或者云端网站(比如Microsoft Azure Web Site)都会使用到。本文会介绍一种在Win8.1和Win2012 R2上使用PowerShell快速生成自签名证书,自动导出私钥并在LocalMachine\My和LocalMachine\Root下自动安装的方法。非常易用。 目前来说,我们已有的创建Self-Signed证书方法包括用MakeCert和CertMgr的,用SelfSSL或SelfSSL7的,用IIS 7/8自带功能的,或者用比较复杂的PowerShell脚本. 这些方法会要求记住多个命令行复杂的参数,或者手工UI操作,或者对证书生成的细节逻辑有比较深的认识。这里的脚本方法是使用新系统下自带的Powershell PKI Cmdlet, 只需要告诉最基本的证书Subject, 私钥保护密码,和导出私钥的路径即可: 使用的函数定义如下 证书产生和安装成功后,PowerShell输出为: 可以在Certificate Manager Console 里面看到: 对于产生的.pfx文件,可以很容易放到Web服务器或者Microsoft AZure云端使用: 这里是自签名证书生成和安装的 完整的脚本下载链接 如何在Win8.1和Win2012上运用PowerShell快速生成、安装、导出自签名证书 (Self-Signed Certificate) 标签:des style blog http io color os ar 使用 原文地址:http://www.cnblogs.com/freistli/p/4067085.htmlGenerateSelfSignedCert www.mytest.com MyTestPassword c:\temp\mytest.pfx
#
.DESCRIPTION
SelfSignedCertificate AutoScript
.NOTES
Author: Freist Li
Last Updated: 10/30/2014
#>
#Cert Genearation Related Functions
#********************************************************************************************************************
#Create Cert, install Cert to My, install Cert to Root, Export Cert as pfx
Function GenerateSelfSignedCert{
Param (
$certcn,
$password,
$certfilepath
)
#Check if the certificate name was used before
$thumbprintA=(dir cert:\localmachine\My -recurse | where {$_.Subject -match "CN=" + $certcn} | Select-Object -Last 1).thumbprint
if ($thumbprintA.Length -gt 0)
{
Write-Host "Duplicated Cert Name used" -ForegroundColor Cyan
return
}
else
{
$thumbprintA=New-SelfSignedCertificate -DnsName $certcn -CertStoreLocation cert:\LocalMachine\My |ForEach-Object{ $_.Thumbprint}
}
#If generated successfully
if ($thumbprintA.Length -gt 0)
{
#query the new installed cerificate again
$thumbprintB=(dir cert:\localmachine\My -recurse | where {$_.Subject -match "CN=" + $certcn} | Select-Object -Last 1).thumbprint
#If new cert installed sucessfully with the same thumbprint
if($thumbprintA -eq $thumbprintB )
{
$message = $certcn + " installed into LocalMachine\My successfully with thumprint "+$thumbprintA
Write-Host $message -ForegroundColor Cyan
$mypwd = ConvertTo-SecureString -String $password -Force –§CAsPlainText
Write-Host "Exporting Certificate as .pfx file" -ForegroundColor Cyan
Export-PfxCertificate -FilePath $certfilepath -Cert cert:\localmachine\My\$thumbprintA -Password $mypwd
Write-Host "Importing Certificate to LocalMachine\Root" -ForegroundColor Cyan
Import-PfxCertificate -FilePath $certfilepath -Password $mypwd -CertStoreLocation cert:\LocalMachine\Root
}
else
{
Write-Host "Thumbprint is not the same between new cert and installed cert." -ForegroundColor Cyan
}
}
else
{
$message = $certcn + " is not created"
Write-Host $message -ForegroundColor Cyan
}
}
上一篇:jQuery对table排序
下一篇:C#写TXT文档
文章标题:如何在Win8.1和Win2012上运用PowerShell快速生成、安装、导出自签名证书 (Self-Signed Certificate)
文章链接:http://soscw.com/essay/34579.html