Tuesday, 1 November 2016

Request Subject Alternative Name certificate with PowerShell

Finally I managed to write this script. I had this on my agenda for quite a while and last week in the end I did.

Whoever went through all the 21 steps for requesting a SSL certificate with a custom Subject Alternative Name will know what it actually means to do monkey business.

Hence I wrote myself a PowerShell script. The script requires two files:
* An settings template .inf file that defines the certificate request settings.
* A JSON file with all the information about the Distinguished Name of the certificate, like Common Name, Organization and Subject Alternative Names.

My script will parse the JSON file and create a temporary policy file. From this temporary file it will build a certificate signing request using certreq.exe command-line tool.

The script should be started from an elevated command prompt like this:
C:> .\Create-SanCsr.ps1 -SettingsFileInf .\Settings.inf -CsrFileJson .\csr.json -OutFile MyCertRequest.txt

This Link (opens in a new window) is to the example JSON.
This Link (opens in a new window) is to the settings.inf.

This is my script Link (opens in a new window):

No comments:

Post a Comment