Powershell Scripts SSL Signing CSR with CA?
I am in a situation where I need to deploy about 200 SSL certificates to various devices of our Agency (HP iLO is such a joy they bring ...). I currently have a powershell script that gets the CSR from the iLO device, but now I need to be able to auto-sign this with our CA so that I can go back to the script and import into the device.
We are using Microsoft Certification Services and I can upload a CA certificate, certificate chain or CRL if needed.
I don't care how I get the signed certificate - I mean if powershell needs to call an external application to be signed then everything is fine. I've looked at makecert.exe in the .NET SDK but it doesn't seem to do the job.
I have a feeling that this is possible with OpenSSL. If someone could enlighten me, that would be great.
Greetings
source to share
Today, when dealing with Microsoft Engineer, the most elegant solution when using the existing infrastructure is to use certreq.exe. Once you have your CSR, you can run this command to get a certificate using MS CA:
certreq.exe -attrib "CertificateTemplate:WebServer" infile.csr outfile.cer
from there you get the certificate using Get-Content outfile.cer to put it back in your script.
Greetings
source to share
This article describes the steps to create a CA and CSR signing from IIS: Create a self-signed certificate using OpenSSL for use with Microsoft Internet Information Services (IIS) 5
You can export the CA to a format that OpenSSL can read and follow the steps after Sign the Certificate Request.
source to share