Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- If ((Get-ChildItem -Path "$certStore" | where-Object {$_.subject -like 'CN=CA-*.Pyrotek-Lab.local*'}| Sort-Object NotAfter -Desc | Select-Object -First 1)-eq $Null)
- {
- ## Create Import Certificate Function
- function Import-509Certificate
- {
- param([String]$certPath,[String]$certRootStore,[String]$certStore) $pfx = new-object System.Security.Cryptography.X509Certificates.X509Certificate2
- $pfx.import($certPath)
- $store = new-object System.Security.Cryptography.X509Certificates.X509Store($certStore,$certRootStore)
- $store.open(“MaxAllowed”)
- $store.add($pfx)
- $store.close()
- }
- # You should just fail here, and get them to run it again once they've fixed the problem
- while ("get-Childitem $unccertpath" -eq $NULL)
- {
- Write-Log -type Warning "SSL Cert does not exist at the provided path $certpath please refer to documentation and ensure cert exists before continuing"
- Pause
- }
- if ((Get-ChildItem -Path C:\|Where-Object{$_.Name -eq "Certs"}) -EQ $NULL){MD C:\Certs}
- copy "$unccertpath" $certpath
- Import-509Certificate "$certfile" "CurrentUser" "ROOT"
- If ((Get-ChildItem -Path "$certStore" | where-Object {$_.subject -like 'CN=CA-*.Pyrotek-Lab.local*'}| Sort-Object NotAfter -Desc | Select-Object -First 1)-ne $Null)
- {
- Write-Log -type Success "Certificate "+ (Get-ChildItem -Path "$certStore" | where-Object {$_.subject -like 'CN=CA-*.Pyrotek-Lab.local*'}| Sort-Object NotAfter -Desc | Select-Object -First 1).Subject + " was successfully placed in the $certStore store"
- }
- # get-childitem cert:\LocalMachine\root | get-member
- }
- $certdir = dir "$certStore"
- # Update the binding with the certificate
- #dir "Cert:\LocalMachine\my"
- #dir "IIS:\SslBindings"
- $cert = "IIS:\SslBindings\0.0.0.0!443"
- $SSLBinding = "IIS:\SslBindings\0.0.0.0!443\"
- # Grab the Certificate thumbprint
- $certThumb = Get-ChildItem -Path "$certStore" | where-Object {$_.subject -like 'CN=CA-*.Pyrotek-Lab.local*'} | Sort-Object NotAfter -Desc | Select-Object -First 1 -expand Thumbprint
- # Grab the Certificate and update the binding
- if ((get-Item -Path $cert)-ne $NULL)
- {
- Remove-Item -Path $cert
- }
- $i=0
- While ((get-item -path $cert) -eq $NULL -and($i -le 3))
- {
- $i++
- Write-Log -type Warning "The SSL Certificate must be bound to Central Administration Attempt $i"
- Get-Item cert:\localmachine\CA\$certThumb|New-Item $SSLBinding
- CD IIS:\SslBindings
- get-item cert:\LocalMachine\CA\$certThumb | New-Item 0.0.0!443
- }
- if ((get-item -path $cert) -eq $NULL)
- {
- Write-Log -type Error "The SSL Certificate was not successfully bound to Central Administration, halting install"
- #Exit
- }
- Write-Log -type Success ("The SSL Certificate was successfully installed to " + (Get-Item $cert).Sites.Value)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement