Thursday, December 20, 2018

CertAuto

For a developer environment I had a few certificates that needed automatic renewal at certain intervals. The script below uses the PSPKI module to check if certificates are expiring on IIS-Site in X days and if so, renews the agains a local certification authority.
The PSPKI -module is really god for sending and approving certification requests  via Powershell when Microsofts own tools leaves room for improvement.

This is really only for a testenviroment and offline-enviroments.
Folder structure needs to created to look below




Certini contains the template for the certificate like below for example
 [Version]
Signature = "$Windows NT$"
[NewRequest]
Subject = "C=US,S=CA,L=OHIO,O=Fabrikam,OU=IT,CN=ajax.aspnetcdn.com"
Exportable = TRUE
KeyLength = 4096
KeySpec = 1
KeyUsage = 0xa0
MachineKeySet = True
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
ProviderType = 12
Silent = True
SMIME = False
RequestType = PKCS10
FriendlyName = "ajax.aspnetcdn.com"



References:
https://www.sysadmins.lv/projects/pspki/default.aspx  - PSPKI Module
-
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Powershell and Uptimerobot

Uptimerobot can be quite tedious when you need to update many monitors at once. For example say you bought the license for Uptimerobot and n...

  • Remote Desktop Services in 2012
    Problem: In a customer environment they wanted to install RDS and DC on the same server. A nice cheap solution, which have worked perfectly...
  • Sharepoint 2019 and mysites
     I had some problems with the old familiar "Working on it" for mysites in Sharepoint 2019. It was difficult to find information ab...
  • SPD 2013 error workflow
    Error received for no apparent reason when creating workflow. Errors were found when compiling the workflow. The workflow files were save ...