锐客网

  1. 首页 > 睿知 > it技术 > >

powershell 向内部证书颁发机构申请证书

IT知识powershell

亦余心之所善兮,虽九死其犹未悔。这篇文章主要讲述powershell 向内部证书颁发机构申请证书相关的知识,希望能为你提供帮助。
【powershell 向内部证书颁发机构申请证书】此篇文章仅作为知识积累和记录, 懂得都懂, 不懂的,看官网就可以懂
涉及到两个工具 ??CertReq??? 和 ??certutil??

$certpath = "D:\\CertRequest"
$pfx_files_path = "D:\\pfxfiles"
$CA = "CA001.contoso.com\\ROOTCA01"
$certtemplate = "ServersTemplate"
$requestfile = Get-Content "D:\\CertRequest.txt"
foreach ($requestcert in $requestfile)

$subjectname = $requestcert # Read-Host "what is the FQDN like abc.contoso.com?"#set certificate FQDN
$inf_filefullpath = "$certpath\\$subjectname.inf"
$req_filefullpath = "$certpath\\$subjectname.req"
$cer_filefullpath = "$certpath\\$subjectname.cer"
$pfx_filefullpath = "$certpath\\$subjectname.pfx"
$pwd_filefullpath = "$certpath\\$subjectname" + "pwd.txt"
$cersn_exportpath = "$certpath\\$subjectname" + "sn.txt"
"[Version]" | Out-File -Append $inf_filefullpath
Signature="$Windows NT$" | Out-File -Append $inf_filefullpath
"`n" | Out-File -Append $inf_filefullpath
"[NewRequest]" | Out-File -Append $inf_filefullpath
"Subject=CN=" + "`"" + $subjectname + "`"" | Out-File -Append $inf_filefullpath
"KeyLength = 2048" | Out-File -Append $inf_filefullpath
"Exportable = true" | Out-File -Append $inf_filefullpath
"`n" | Out-File -Append $inf_filefullpath
"[RequestAttributes]" | Out-File -Append $inf_filefullpath
"CertificateTemplate=$certtemplate" | Out-File -Append $inf_filefullpath

CertReq -New -f $inf_filefullpath $req_filefullpath

CertReq -Submit -f -config $CA $req_filefullpath $cer_filefullpath

certreq -accept $cer_filefullpath

certutil -verify $cer_filefullpath | findstr -i number > $cersn_exportpath
$SN = (Get-Content $cersn_exportpath).Substring(20)
$pfxpwd = abc123# set pfx file password

certutil -f -p $pfxpwd -exportpfx $SN $pfx_filefullpath
Get-Item -Path $pfx_filefullpath | Move-Item -Destination $pfx_files_path -Force#move result pfx file to pfxfiles directory


    推荐阅读


    上一篇:k8s-apiServer认证

    下一篇:redis 哨兵模式 sentinel