Sitecore.Automation.Framework

1.2.5

Pipelines/Steps/Install/OnPrem/Sitecore/XP/Scaled/9.2/0/createcert.json

                                {

    "Parameters": {

        "CertificateName": {

            "Type": "String",

            "Description": "The name of the certificate to be created.",

            "DefaultValue": ""

        },

        "CertPath": {

            "Type": "String",

            "Description": "The physical path on disk where certificates will be stored.",

            "DefaultValue": "C:\\certificates"

        },

        "RootCertFileName": {

            "Type": "String",

            "Description": "The file name of the root certificate to be created.",

            "DefaultValue": "SitecoreRootCert"

        },

        "ExportPassword": {

            "Type": "String",

            "Description": "Password to export certificates with.",

            "DefaultValue": "SIF-Default"

        }

    },

    "Variables": {

        "Root.Cert.DnsName": "[concat('DO_NOT_TRUST_', parameter('RootCertFileName'))]",

        "Root.Cert.Store": "Cert:\\LocalMachine\\Root",

        "Client.Cert.Store": "Cert:\\LocalMachine\\My",

        "Export.Password": "[if(variable('User.Supplied.Password'),variable('Secure.Password'),variable('Convert.User.Password'))]",

        "User.Supplied.Password": "[equal(parameter('ExportPassword'),'SIF-Default')]",

        "Secure.Password": "[ConvertToSecureString(String:variable('Password.String'),AsPlainText:true,Force:true)]",

        "Password.String": "[RandomString(Length:20,EnforceComplexity:True)]",

        "Convert.User.Password": "[ConvertToSecureString(String:parameter('ExportPassword'),AsPlainText:true,Force:true)]"

    },

    "Register": {

        "Tasks": {

            "WriteInformation": "Write-Information"

        },

        "ConfigFunction": {

            "ConvertToSecureString": "ConvertTo-SecureString"

        }

    },

    "Tasks": {

        "CreatePaths": {

            "Description": "Create the physical disk path.",

            "Type": "EnsurePath",

            "Params": {

                "Exists": [

                    "[parameter('CertPath')]"

                ]

            }

        },

        "DisplayPassword": {

            "Description": "Print password if the user hasn't supplied their own.",

            "Type": "WriteInformation",

            "Params": {

                "Messagedata": "[concat('Certificate Password: ',variable('Password.String'))]",

                "InformationAction": "Continue"

            },

            "Skip": "[not(variable('User.Supplied.Password'))]"

        },

        "CreateRootCert": {

            "Description": "Create the root certificate.",

            "Type": "NewRootCertificate",

            "Params": {

                "Path": "[parameter('CertPath')]",

                "Name": "[parameter('RootCertFileName')]",

                "DnsName": [

                    "[variable('Root.Cert.DnsName')]",

                    "127.0.0.1"

                ],

                "IncludePrivateKey": true,

                "Password": "[variable('Export.Password')]"

            }

        },

        "CreateSignedCert": {

            "Description": "Create a certificate signed by the root authority.",

            "Type": "NewSignedCertificate",

            "Params": {

                "Signer": "[GetCertificate(variable('Root.Cert.DnsName'), variable('Root.Cert.Store'))]",

                "Path": "[parameter('CertPath')]",

                "CertStoreLocation": "[variable('Client.Cert.Store')]",

                "Name": "[parameter('CertificateName')]",

                "DnsName": [

                    "[parameter('CertificateName')]",

                    "127.0.0.1"

                ],

                "IncludePrivateKey": true,

                "Password": "[variable('Export.Password')]"

            }

        }

    }

}