-
Notifications
You must be signed in to change notification settings - Fork 25
/
Copy pathSelfSignCert.ps1
22 lines (13 loc) · 992 Bytes
/
SelfSignCert.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
$rootcert = New-SelfSignedCertificate -CertStoreLocation cert:\CurrentUser\My -DnsName "SystemCenterDudes Lab CA" -KeyUsage CertSign
Write-host "Certificate Thumbprint: $($rootcert.Thumbprint)"
#This needs to be added to Trusted Root on all labcomputers
Export-Certificate -Cert $rootcert -FilePath C:\certtemp\SCDudesRootCA.cer
# Other key options
-KeyAlgorithm RSA/ECDSA_secp384r1 -KeyLength 2048/4096
-NotAfter (Get-Date).AddMonths(6)
#Imports certificate to Trusted Publishers (Requires "Run as Administrator")
Import-Certificate -FilePath C:\certtemp\SCDudesRootCA.cer -CertStoreLocation Cert:\LocalMachine\Root
#the thumbprint of need to be changed to your root certificate.
$rootca = Get-ChildItem cert:\CurrentUser\my | Where-Object {$_.Thumbprint -eq "C46F2E3F10E61DFBCA006FFD8F245125AC4B371D"}
#Path can be changed to 'cert:\CurrentUser\My\' if needed
New-SelfSignedCertificate -certstorelocation cert:\LocalMachine\My -dnsname mylabserver.scdudeslab.com -Signer $rootca