Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #requires -Version 2
- #Author: James Cruce
- #Version: 1.2
- #COMMENT: Creates SSL Certificate Request and Emails it as an attachment
- # Run this on a Windows Server or workstation with IIS installed
- $Global:FQN = $null
- $Global:Email = $null
- Function Get-FQN
- {
- $Global:FQN = Read-Host -Prompt 'Please enter the Fully Qualified Name of the server or url'
- Write-Host 'The Fully Qualified Name you entered was: ' $Global:FQN
- ' '
- Write-Host -Object 'Please choose yes or no that this is the correct Fully Qualified Name ' -ForegroundColor 'Green'
- Write-Host -Object ' 1 = yes' -ForegroundColor 'Green'
- Write-Host -Object ' 2 = no' -ForegroundColor 'Red'
- ' '
- $EnteredName = Read-Host 'Is ' $Global:FQN ' correct (1 or 2)? '
- If ($EnteredName -eq 1)
- {
- Write-Host 'You have chosen ' $Global:FQN ' as the server name'
- }
- ElseIf ($EnteredName -eq 2)
- {
- Clear-Variable -Name FQN -Scope Global
- Clear-Variable -Name EnteredName
- Get-FQN
- }
- Else
- {
- Clear-Variable -Name FQN -Scope Global
- Clear-Variable -Name EnteredName
- Get-FQN
- }
- }
- Get-FQN
- $RequestFileName = "C:\Certificates\$Global:FQN-CertRequest.req"
- $RequestINFFileNamePath = "C:\Certificates\$Global:FQN-certrequest.inf"
- ###########################################
- # Create Server Certificate Request File #
- ###########################################
- Write-Verbose -Message "Create Server Certificate Request File (CertReq.inf) for $Global:FQN "
- $RequestINF =
- @"
- ;----------------- request.inf -----------------
- [Version]
- Signature="$Windows NT$
- [NewRequest]
- Subject ="CN=$Global:FQN,OU=Your Organization Unit,O=Your Organization,Street=Your Address,L=City,S=State,C=Country"
- KeySpec = 1
- KeyLength = 2048
- ; Can be 1024, 2048, 4096, 8192, or 16384.
- ; Larger key sizes are more secure, but have
- ; a greater impact on performance.
- Exportable = TRUE
- MachineKeySet = TRUE
- SMIME = False
- PrivateKeyArchive = FALSE
- UserProtected = FALSE
- UseExistingKeySet = FALSE
- ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
- ProviderType = 12
- RequestType = PKCS10
- KeyUsage = 0xa0
- FriendlyName = $Global:FQN
- [EnhancedKeyUsageExtension]
- OID=1.3.6.1.5.5.7.3.1 ; this is for Server Authentication
- OID=1.3.6.1.5.5.7.3.2 ; this is for Client Authentication
- ;-----------------------------------------------
- "@
- Write-Output -InputObject 'Generating Certificate Request file... '
- $RequestINFFile = $RequestINF | Out-File -FilePath $RequestINFFileNamePath -Force
- certreq.exe -new $RequestINFFileNamePath $RequestFileName
- Function Get-Email
- {
- $Global:Email = Read-Host -Prompt 'Please enter your email address'
- Write-Host 'You have entered: The email address you entered was: ' $Global:Email
- ' '
- Write-Host -Object 'Please choose yes or no that this is the correct email address' -ForegroundColor 'Green'
- Write-Host -Object ' 1 = yes' -ForegroundColor 'Green'
- Write-Host -Object ' 2 = no' -ForegroundColor 'Red'
- ' '
- $EnteredEmail = Read-Host 'Is ' $Global:Email ' correct (1 or 2)? '
- If ($EnteredEmail -eq 1)
- {
- Write-Host 'You have confirmed ' $Global:Email ' is your email address'
- }
- ElseIf ($EnteredEmail -eq 2)
- {
- Clear-Variable -Name Email -Scope Global
- Clear-Variable -Name EnteredEmail
- Get-Email
- }
- Else
- {
- Clear-Variable -Name Email -Scope Global
- Clear-Variable -Name EnteredEmail
- Get-Email
- }
- }
- Get-Email
- Write-Output -InputObject 'Certificate Request file has been created and is being sent via email to Whomever you choose to process.'
- $file = $RequestFileName
- #Creates email and sends it to whomever you list in $Rec
- $Recipients = @('email1@yourcompany.com', 'email2@yourcompany.com', 'email3@yourcompany.com', "$Global:Email")
- Send-MailMessage -From $Global:Email -Subject "SSL Certificate Request $Global:FQN" -To $Recipients -Attachments $file `
- -Body 'Please process the attached certificate request. If you have any questions about this request please let me know.' -SmtpServer shands.ufl.edu
- #Message about next step in the certificate request process
- Write-Host -Object 'The certificate request has been moved to \\yoursharepath\certdirectory\cert requests\' -ForegroundColor 'Green'
- #Moves cert request and inf file to the Current Cert Requests Folder
- Move-Item -Path C:\Certificates\*.* -Destination '\\yoursharepath\certdirectory\cert requests\'
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement