CertificatePS is a very small PowerShell module that provides two cmdlets:
They could have been gists or just scripts, but I chose to package them in a module because I really love the convenience package repositories offer in terms of versioning and deployment.
The github repository is here.
Get-CertificateTemplate takes a
System.Security.Cryptography.X509Certificates.X509Certificate2 instance and outputs the template name.
By default, the template is not accessible as a property on the
X509Certificate2 .net type. The cmdlet is a written based on these discussions.
The certificate can be piped into the
Get-CertificateTemplate. For example
Get-ChildItem cert:\LocalMachine\My | Get-CertificateTemplate
New-DomainSignedCertificate requests and issues a certificate from the domain certificate authority. This only works with the Active Directory ecosystem.
The cmdlet is in fact a wrapper around multiple invocations of
The cmdlet is a written based on these.
The cmdlet needs the certificate authority. If you don’t know it then execute
certutil in a command line and copy the value of the line config.
Here is an example for hostname
example.com. The hostname will be the common name in the issued certificate.
New-DomainSignedCertificate -Hostname "example.com" -CertificateAuthority ""
The cmdlet will automatically generate a friendly name combining the date and hostname. e.g.
You can explicitly control this value from the
-FriendlyName parameter. You can also have more control on the data of the certificate by using the optional parameters.
-workdir controls where the intermediate files are generated.