Pages

26 May 2023

Sign certificates in Bulk - Create .PEM, .CER and .RSP certificate files from .CSR in bulk with PowerShell

Every time the intermediate certificate expires this is a recurring job.

At least 200 certificate requests need to be signed. Now I could be doing this by hand, but that would take forever would be super annoying and tedious.

So once again PowerShell to the rescue.
Put the .csr files in a directory and adjust the path in the script to match it.
Then create the output folder and adjust the patch in the script to match it.
Choose the template name for the certificate you want to request, mine was a "webserver" request.

You will be asked to click OK to select the CA for each certificate. (I know, but still beats creating them all by hand)

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
<#
Title         : Get-CertificateFromCSR.ps1
Version       : 1.0
Created by    : Edwin van Brenk © 2023
For           : vanbrenk.blogspot.com
Date          : 26-05-2023

.Synopsis
   Creates a certificate from a .csr file
.DESCRIPTION
   This script requests a .pem file from a .csr to the specified Certificate Authority
   Save the .csr's in the $outpath folder.
.EXAMPLE
   Just run it in a ISE window, you are prompted to select the CA.
#>



# Invoke the CertReq.exe command to sign a certificate request

# certreq -submit <Path to request file> <Path to output cert file>
# certreq -submit certRequest.req certnew.cer certnew.pfx

$CSRs = Get-ChildItem "C:\Scripts\Get-BulkCertFromCSR\CSR\2023"
$OutPath = New-Item "C:\Scripts\Get-BulkCertFromCSR\CSR\IssuedCertificates\2023" -ItemType Directory -Force

ForEach($CSR in $CSRs){
    $FileOutCER = Join-Path $OutPath "$($CSR.BaseName).cer"
    $FileOutPEM = Join-Path $OutPath "$($CSR.BaseName).pem"
    CertReq -submit -attrib "CertificateTemplate:Webserver" $CSR.FullName $FileOutCER $FileOutPEM
}

No comments:

Post a Comment