powershell 向内部证书颁发机构申请证书
Posted PS_cmdlet
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了powershell 向内部证书颁发机构申请证书相关的知识,希望对你有一定的参考价值。
此篇文章仅作为知识积累和记录, 懂得都懂, 不懂的,看官网就可以懂
涉及到两个工具 CertReq 和 certutil
$certpath = "D:\\CertRequest"
$pfx_files_path = "D:\\pfxfiles"
$CA = "CA001.contoso.com\\ROOTCA01"
$certtemplate = "ServersTemplate"
$requestfile = Get-Content "D:\\CertRequest.txt"
foreach ($requestcert in $requestfile)
$subjectname = $requestcert # Read-Host "what is the FQDN like abc.contoso.com?" #set certificate FQDN
$inf_filefullpath = "$certpath\\$subjectname.inf"
$req_filefullpath = "$certpath\\$subjectname.req"
$cer_filefullpath = "$certpath\\$subjectname.cer"
$pfx_filefullpath = "$certpath\\$subjectname.pfx"
$pwd_filefullpath = "$certpath\\$subjectname" + "pwd.txt"
$cersn_exportpath = "$certpath\\$subjectname" + "sn.txt"
"[Version]" | Out-File -Append $inf_filefullpath
Signature="$Windows NT$" | Out-File -Append $inf_filefullpath
"`n" | Out-File -Append $inf_filefullpath
"[NewRequest]" | Out-File -Append $inf_filefullpath
"Subject=CN=" + "`"" + $subjectname + "`"" | Out-File -Append $inf_filefullpath
"KeyLength = 2048" | Out-File -Append $inf_filefullpath
"Exportable = true" | Out-File -Append $inf_filefullpath
"`n" | Out-File -Append $inf_filefullpath
"[RequestAttributes]" | Out-File -Append $inf_filefullpath
"CertificateTemplate=$certtemplate" | Out-File -Append $inf_filefullpath
CertReq -New -f $inf_filefullpath $req_filefullpath
CertReq -Submit -f -config $CA $req_filefullpath $cer_filefullpath
certreq -accept $cer_filefullpath
certutil -verify $cer_filefullpath | findstr -i number > $cersn_exportpath
$SN = (Get-Content $cersn_exportpath).Substring(20)
$pfxpwd = abc123 # set pfx file password
certutil -f -p $pfxpwd -exportpfx $SN $pfx_filefullpath
Get-Item -Path $pfx_filefullpath | Move-Item -Destination $pfx_files_path -Force #move result pfx file to pfxfiles directory
以上是关于powershell 向内部证书颁发机构申请证书的主要内容,如果未能解决你的问题,请参考以下文章
#yyds干货盘点#怎样使用cfssl为etcd颁发SSL证书