Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- $hostname = $env:computername.ToLower()
- $domain = $env:userdnsdomain.ToLower()
- $templ = @"
- [Version]
- Signature="$Windows NT$
- [NewRequest]
- Subject = "CN=$hostname.$domain"
- Exportable = FALSE
- KeySpec = 1
- KeyUsage = 0xA0
- MachineKeySet = True
- ProviderType = 12
- RequestType = PKCS10
- ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
- KeyLength = 2048
- "@
- $templ | Out-File req.inf
- # Fetch CA certificate and install it
- Invoke-WebRequest -Uri http://ca7.certidude.rocks/api/certificate -OutFile ca_cert.pem
- #Import-Certificate -FilePath ca_cert.pem -CertStoreLocation Cert:\LocalMachine\Root
- C:\Windows\system32\certutil.exe -addstore Root ca_cert.pem
- # Generate keypair and submit CSR
- C:\Windows\system32\certreq.exe -new -f -q req.inf client_csr.pem
- Invoke-WebRequest -TimeoutSec 900 -Uri 'http://ca7.certidude.rocks/api/request/?autosign=1' -InFile client_csr.pem -ContentType application/pkcs10 -Method POST -MaximumRedirection 3 -OutFile client_cert.pem
- # Import certificate
- C:\Windows\system32\certutil.exe -addstore My client_cert.pem
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement