Public/New-SifCerts.ps1
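#Requires -Modules SitecoreInstallFramework, SitecoreFundamentals, PKI
#Requires -RunAsAdministrator

function New-SifCerts {
    <#
    .SYNOPSIS
        Creates a self-signed root certificate plus a client and a server
        certificate signed by it, for development use.

    .DESCRIPTION
        1. Creates a root certificate via New-RootCertificate. The name is
           prefixed with DO_NOT_TRUST_ unless it already contains DO_NOT_TRUST.
        2. Imports the root certificate file into Cert:\LocalMachine\Root, so
           this machine trusts everything signed by it.
        3. Renames the root .crt file in SaveCertPath back to the name the
           caller asked for.
        4. Creates client and server certificates signed by the root and
           exports each one to "<name>.pfx" in SaveCertPath, protected with
           PfxPassword.

        Security notes:
        - The root is added to the machine-wide trusted root store. Remove it
          from Cert:\LocalMachine\Root when the environment is torn down.
        - The default PfxPassword is a fixed value visible in this source file.
          PFX files written with it should be treated as unprotected; pass
          your own -PfxPassword and restrict access to SaveCertPath.
        - NOTE(review): where New-RootCertificate keeps the root private key is
          not visible from this function - confirm, and protect it accordingly.

    .PARAMETER RootCertName
        Name (also used as DNS name) of the root certificate.

    .PARAMETER ClientCertName
        Name (also used as DNS name) of the client certificate and its .pfx file.

    .PARAMETER ServerCertName
        Name (also used as DNS name) of the server certificate and its .pfx file.

    .PARAMETER SaveCertPath
        Directory the certificate files are written to.

    .PARAMETER PfxPassword
        Password protecting both exported PFX files. Defaults to a fixed,
        publicly known value kept only for backward compatibility.

    .OUTPUTS
        Hashtable with the keys RootCertResult, PublicClientCert,
        PublicServerCert, PrivateClientCert and PrivateServerCert. On failure
        the error is written with Write-Error and nothing is returned.
    #>
    param (
        [Parameter(Mandatory=$true)]
        [string] $RootCertName,

        [Parameter(Mandatory=$true)]
        [string] $ClientCertName,

        [Parameter(Mandatory=$true)]
        [string] $ServerCertName,

        [Parameter(Mandatory=$true)]
        [string] $SaveCertPath,

        [securestring] $PfxPassword = (ConvertTo-SecureString -String 'temp1234' -AsPlainText -Force)
    )

    # The default password is hard-coded above, so it offers no real protection
    # for the exported private keys. Keep it for compatibility, but say so.
    if (-not $PSBoundParameters.ContainsKey('PfxPassword')) {
        Write-Warning 'New-SifCerts: -PfxPassword was not supplied; the exported PFX files use the built-in default password. Supply your own password and restrict access to the output directory.'
    }

    try {
        $originalRootCertName = $RootCertName

        # Make the throw-away nature of the root obvious wherever it shows up.
        if ($RootCertName -notlike '*DO_NOT_TRUST*') {
            $RootCertName = "DO_NOT_TRUST_$($RootCertName)"
        }

        $rootCertResult = New-RootCertificate -Path $SaveCertPath -Name $RootCertName -DnsName $RootCertName

        # Machine-wide trust. Output is discarded so it cannot leak into the
        # function's return value.
        $null = Import-Certificate -FilePath $rootCertResult.FileInfo.Fullname -CertStoreLocation Cert:\LocalMachine\Root

        # Only rename when the prefix was actually added; otherwise source and
        # target are the same file.
        if ($RootCertName -ne $originalRootCertName) {
            Rename-Item -Path (Join-Path $SaveCertPath "$RootCertName.crt") -NewName "$originalRootCertName.crt"
        }

        $clientCertInfo = New-SignedCertificate -Path $SaveCertPath -Signer $rootCertResult.Certificate -Name $ClientCertName -DnsName $ClientCertName
        $clientPfxPath = Join-Path -Path $SaveCertPath -ChildPath "$($ClientCertName).pfx"
        $clientPfx = $clientCertInfo.Certificate | Export-PfxCertificate -FilePath $clientPfxPath -Password $PfxPassword

        $serverCertInfo = New-SignedCertificate -Path $SaveCertPath -Signer $rootCertResult.Certificate -Name $ServerCertName -DnsName $ServerCertName
        $serverPfxPath = Join-Path -Path $SaveCertPath -ChildPath "$($ServerCertName).pfx"
        $serverPfx = $serverCertInfo.Certificate | Export-PfxCertificate -FilePath $serverPfxPath -Password $PfxPassword

        $result = @{
            RootCertResult    = $rootCertResult
            PublicClientCert  = $clientCertInfo
            PublicServerCert  = $serverCertInfo
            PrivateClientCert = $clientPfx
            PrivateServerCert = $serverPfx
        }

        return $result
    }
    catch {
        Write-Error $_
    }
}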