SHARE
TWEET

SSLCertRequestScript

jmeg8r Jun 28th, 2017 (edited) 1,005 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #requires -Version 2
  2. #Author: James Cruce
  3. #Version: 1.2
  4. #COMMENT: Creates SSL Certificate Request and Emails it as an attachment
  5. # Run this on a Windows Server or workstation with IIS installed
  6.  
  7. $Global:FQN = $null
  8. $Global:Email = $null
  9.  
  10.  
  11. Function Get-FQN
  12. {
  13.     $Global:FQN = Read-Host -Prompt 'Please enter the Fully Qualified Name of the server or url'
  14.  
  15.     Write-Host 'The Fully Qualified Name you entered was: ' $Global:FQN
  16.     ' '
  17.     Write-Host -Object 'Please choose yes or no that this is the correct Fully Qualified Name ' -ForegroundColor 'Green'
  18.     Write-Host -Object '  1 = yes' -ForegroundColor 'Green'
  19.     Write-Host -Object '  2 = no' -ForegroundColor 'Red'
  20.     ' '
  21.     $EnteredName = Read-Host 'Is ' $Global:FQN ' correct (1 or 2)? '
  22.  
  23.     If ($EnteredName -eq 1)
  24.     {
  25.         Write-Host 'You have chosen ' $Global:FQN ' as the server name'
  26.     }
  27.     ElseIf ($EnteredName -eq 2)
  28.     {
  29.         Clear-Variable -Name FQN -Scope Global
  30.         Clear-Variable -Name EnteredName
  31.         Get-FQN
  32.     }
  33.     Else
  34.     {
  35.         Clear-Variable -Name FQN -Scope Global
  36.         Clear-Variable -Name EnteredName
  37.         Get-FQN
  38.     }
  39. }
  40.  
  41. Get-FQN
  42.  
  43.  
  44.  
  45. $RequestFileName = "C:\Certificates\$Global:FQN-CertRequest.req"
  46. $RequestINFFileNamePath = "C:\Certificates\$Global:FQN-certrequest.inf"
  47.  
  48. ###########################################
  49. # Create Server Certificate Request File #
  50. ###########################################
  51. Write-Verbose -Message "Create Server Certificate Request File (CertReq.inf) for $Global:FQN "
  52.  
  53. $RequestINF =
  54. @"
  55. ;----------------- request.inf -----------------
  56.  
  57. [Version]
  58.  
  59. Signature="$Windows NT$
  60.  
  61. [NewRequest]
  62.  
  63. Subject ="CN=$Global:FQN,OU=Your Organization Unit,O=Your Organization,Street=Your Address,L=City,S=State,C=Country"
  64. KeySpec = 1
  65. KeyLength = 2048
  66. ; Can be 1024, 2048, 4096, 8192, or 16384.
  67. ; Larger key sizes are more secure, but have
  68. ; a greater impact on performance.
  69. Exportable = TRUE
  70. MachineKeySet = TRUE
  71. SMIME = False
  72. PrivateKeyArchive = FALSE
  73. UserProtected = FALSE
  74. UseExistingKeySet = FALSE
  75. ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
  76. ProviderType = 12
  77. RequestType = PKCS10
  78. KeyUsage = 0xa0
  79. FriendlyName = $Global:FQN
  80.  
  81. [EnhancedKeyUsageExtension]
  82.  
  83. OID=1.3.6.1.5.5.7.3.1 ; this is for Server Authentication
  84. OID=1.3.6.1.5.5.7.3.2 ; this is for Client Authentication
  85.  
  86. ;-----------------------------------------------
  87. "@
  88.  
  89. Write-Output -InputObject 'Generating Certificate Request file... '
  90. $RequestINFFile = $RequestINF | Out-File -FilePath $RequestINFFileNamePath -Force
  91.  
  92. certreq.exe -new $RequestINFFileNamePath $RequestFileName
  93.  
  94. Function Get-Email
  95. {
  96.    $Global:Email = Read-Host -Prompt 'Please enter your email address'
  97.  
  98.    Write-Host 'You have entered: The email address you entered was: ' $Global:Email
  99.    ' '
  100.    Write-Host -Object 'Please choose yes or no that this is the correct email address' -ForegroundColor 'Green'
  101.    Write-Host -Object '  1 = yes' -ForegroundColor 'Green'
  102.    Write-Host -Object '  2 = no' -ForegroundColor 'Red'
  103.    ' '
  104.    $EnteredEmail = Read-Host 'Is ' $Global:Email ' correct (1 or 2)? '
  105.  
  106.    If ($EnteredEmail -eq 1)
  107.    {
  108.        Write-Host 'You have confirmed ' $Global:Email ' is your email address'
  109.    }
  110.    ElseIf ($EnteredEmail -eq 2)
  111.    {
  112.        Clear-Variable -Name Email -Scope Global
  113.        Clear-Variable -Name EnteredEmail
  114.        Get-Email
  115.    }
  116.    Else
  117.    {
  118.        Clear-Variable -Name Email -Scope Global
  119.        Clear-Variable -Name EnteredEmail
  120.        Get-Email
  121.    }
  122. }
  123.  
  124.  
  125. Get-Email
  126.  
  127. Write-Output -InputObject 'Certificate Request file has been created and is being sent via email to Whomever you choose to process.'
  128.  
  129. $file = $RequestFileName
  130.  
  131.  
  132. #Creates email and sends it to whomever you list in $Rec
  133.  
  134. $Recipients = @('email1@yourcompany.com', 'email2@yourcompany.com', 'email3@yourcompany.com', "$Global:Email")
  135.  
  136.  
  137. Send-MailMessage -From $Global:Email -Subject "SSL Certificate Request $Global:FQN" -To $Recipients -Attachments $file `
  138. -Body 'Please process the attached certificate request.  If you have any questions about this request please let me know.'  -SmtpServer shands.ufl.edu
  139.  
  140.  
  141.  
  142. #Message about next step in the certificate request process
  143.  
  144. Write-Host -Object 'The certificate request has been moved to \\yoursharepath\certdirectory\cert requests\' -ForegroundColor 'Green'
  145.  
  146.  
  147.  
  148. #Moves cert request and inf file to the Current Cert Requests Folder
  149.  
  150. Move-Item -Path C:\Certificates\*.* -Destination '\\yoursharepath\certdirectory\cert requests\'
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top