Create root certificate
1) PS C:\WINDOWS\system32> New-SelfSignedCertificate -DnsName "localhost", "localhost" -CertStoreLocation "cert:\LocalMachine\My" -NotAfter (Get-Date).AddYears(20) -FriendlyName "Rlocalhost" -KeyUsageProperty All -KeyUsage CertSign, CRLSign, DigitalSignature
PSParentPath: Microsoft.PowerShell.Security\Certificate::LocalMachine\My
Thumbprint Subject
---------- -------
8C3452CA05A70484DA828FA91E54394C683A06E2 CN=localhost
2) PS C:\WINDOWS\system32> $CertPwd = ConvertTo-SecureString -String "password" -Force -AsPlainText
3) PS C:\WINDOWS\system32> Get-ChildItem -Path cert:\localMachine\my\8C3452CA05A70484DA828FA91E54394C683A06E2 | Export-PfxCertificate -FilePath C:\FamLink\docs\certificates\root.pfx -Password $CertPwd
Directory: C:\FamLink\docs\certificates
Mode LastWriteTime Length Name
---- ------------- ------ ----
-a---- 4/14/2022 2:56 PM 2701 root.pfx
4) PS C:\WINDOWS\system32> $rootcert = ( Get-ChildItem -Path cert:\LocalMachine\My\8C3452CA05A70484DA828FA91E54394C683A06E2 )
5) PS C:\WINDOWS\system32> New-SelfSignedCertificate -certstorelocation cert:\localmachine\my -dnsname "localhost" -Signer $rootcert -NotAfter (Get-Date).AddYears(20) -FriendlyName "Clocalhost"
PSParentPath: Microsoft.PowerShell.Security\Certificate::LocalMachine\my
Thumbprint Subject
---------- -------
BC8354ABD4A274226D9B25887EEB33CF9C8FF4BA CN=localhost
Create child certificate
6) PS C:\WINDOWS\system32> $mypwd = ConvertTo-SecureString -String "password" -Force -AsPlainText
7) PS C:\WINDOWS\system32> Get-ChildItem -Path cert:\localMachine\my\BC8354ABD4A274226D9B25887EEB33CF9C8FF4BA | Export-PfxCertificate -FilePath C:\FamLink\docs\certificates\child.pfx -Password $mypwd
Directory: C:\FamLink\docs\certificates
Mode LastWriteTime Length Name
---- ------------- ------ ----
-a---- 4/14/2022 3:03 PM 3597 child.pfx
7) PS C:\WINDOWS\system32> Get-ChildItem -Path cert:\localMachine\my\8C3452CA05A70484DA828FA91E54394C683A06E2
No comments:
Post a Comment