This script was born after I needed to create over 200 certificates requested by .csr files.
The regular way of pasting the content of the .csr into the certsrv site was to time consuming, boring and repetitive to do by hand.
But I couldn't find a script or method that would work for what I needed.
I had hoped that the famous PSPKI module by Vadims Podāns (https://www.pkisolutions.com/tools/pspki/) could help me out, and in a way it could but not entirely how I wanted it. Turned out the "foreach" I tried couldn't pass trough the "Submit-CertificateRequest" commandlet.
So this is what I came up with it requires some Notepad++ find and replace, it's a bit quick and dirty but does the job.
If somebody knows how to make this better, please drop a message.
It requires the PSPKI, found here or from PowerShell:
Install-Module -Name PSPKI
The script:
Import-Module pspki cd C:\Scripts\Get-CertificateFromCSR\csr $PKI = "YourCAServer.domain.lan" $OutPath = "C:\Scripts\Get-CertificateFromCSR\IssuedCertificates" $status = Submit-CertificateRequest -path "C:\Scripts\Get-CertificateFromCSR\CSR\Certificate01.csr" -CA $PKI -Attribute "CertificateTemplate:Webserver" $ReqID = $status.requestid Get-IssuedRequest -RequestID $reqID -CertificationAuthority $PKI | Receive-Certificate -Path $OutPath\Certificate01 -Force cd $outpath\Certificate01 $item = ls Rename-Item -path $item -newname Certificate01.cer $status = Submit-CertificateRequest -path "C:\Scripts\Get-CertificateFromCSR\CSR\Certificate02.csr" -CA $PKI -Attribute "CertificateTemplate:Webserver" $ReqID = $status.requestid Get-IssuedRequest -RequestID $reqID -CertificationAuthority $PKI | Receive-Certificate -Path $OutPath\Certificate02 -Force cd $outpath\Certificate02 $item = ls Rename-Item -path $item -newname Certificate02.cer
Etc, etc, etc
No comments:
Post a Comment