Every time the intermediate certificate expires this is a recurring job.
At least 200 certificate requests need to be signed. Now I could be doing this by hand, but that would take forever would be super annoying and tedious.
So once again PowerShell to the rescue.
Put the .csr files in a directory and adjust the path in the script to match it.
Then create the output folder and adjust the patch in the script to match it.
Choose the template name for the certificate you want to request, mine was a "webserver" request.
You will be asked to click OK to select the CA for each certificate. (I know, but still beats creating them all by hand)
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 | <# Title : Get-CertificateFromCSR.ps1 Version : 1.0 Created by : Edwin van Brenk © 2023 For : vanbrenk.blogspot.com Date : 26-05-2023 .Synopsis Creates a certificate from a .csr file .DESCRIPTION This script requests a .pem file from a .csr to the specified Certificate Authority Save the .csr's in the $outpath folder. .EXAMPLE Just run it in a ISE window, you are prompted to select the CA. #> # Invoke the CertReq.exe command to sign a certificate request # certreq -submit <Path to request file> <Path to output cert file> # certreq -submit certRequest.req certnew.cer certnew.pfx $CSRs = Get-ChildItem "C:\Scripts\Get-BulkCertFromCSR\CSR\2023" $OutPath = New-Item "C:\Scripts\Get-BulkCertFromCSR\CSR\IssuedCertificates\2023" -ItemType Directory -Force ForEach($CSR in $CSRs){ $FileOutCER = Join-Path $OutPath "$($CSR.BaseName).cer" $FileOutPEM = Join-Path $OutPath "$($CSR.BaseName).pem" CertReq -submit -attrib "CertificateTemplate:Webserver" $CSR.FullName $FileOutCER $FileOutPEM } |
No comments:
Post a Comment