Video Screencast Help
Protect Your POS Environment Against Retail Data Breaches. Learn More.

Script to Request SSL Certificate

Created: 26 Jun 2012

If you are using SSL, and have a number of servers to install, here is a PowerShell script that will generate a certificate request that you can send to your CA.

 

<#
Description: Genereate an SSL Cert Request from IIS
Date: 01 June 2012
Author: Dave Wagner
#>

# ***** Define and Populate Variables *****
$Computer = hostname
$fqdn=[System.Net.Dns]::GetHostEntry([System.Net.Dns]::GetHostName()).HostName
$DCRequestFileName = "c:\temp\$Computer-CertRequest.req"
$DCRequestINFFileName = "c:\temp\$Computer-CertRequest.inf"

# ***** Create Server Certificate Request File *****
<#
Change the INF values to match your environment
#>
Write-Verbose "Create Server Certificate Request File (CertReq.inf) for $Computer `r"

$DCRequestINF =
@"
;----------------- request.inf ----------------- `r
 `r
[Version] `r
 `r
Signature="$Windows NT$ `r
 `r
[NewRequest] `r
 `r
Subject="CN=$fqdn, OU=Web Hosting Operations, O=Organization, L=Location, S=State, C=Country" `r
KeySpec = 1 `r
KeyLength = 2048 `r
Exportable = TRUE `r
MachineKeySet = TRUE `r
SMIME = False `r
PrivateKeyArchive = FALSE `r
UserProtected = FALSE `r
UseExistingKeySet = FALSE `r
ProviderName = "Microsoft RSA SChannel Cryptographic Provider" `r
ProviderType = 12 `r
RequestType = PKCS10 `r
KeyUsage = 0xa0 `r
 `r
;----------------------------------------------- `r
"@

write-output "Generating Certificate Request file... `r "
$DCRequestINF | out-file -filepath $DCRequestINFFileName -force

# ***** Use INF to create request *****
certreq -new $DCRequestINFFileName $DCRequestFileName

write-output "Certificate Request File Created. Use this file to request the DC's server certificate `r "