JohnLBevan · May 13, 2021 13:29
diff --git a/New-SelfSignedCertPfx.ps1 b/New-SelfSignedCertPfx.ps1
 Function New-SelfSignedCertPfx {
    [CmdletBinding(DefaultParameterSetName = 'PasswordAsSecureString')]
    Param (
        [Parameter()]
        [string[]]$SanList = @('localhost', '127.0.0.1')
        ,
        [Parameter(ParameterSetName = 'PasswordAsSecureString')]
        [SecureString]$ExportPassword = [System.Security.SecureString]::new()
        ,
        # note: using the secure string option is recommended... but tbh most real world cases where you'd use this script you're just looking for something quick and easy
        [Parameter(ParameterSetName = 'PasswordAsString', Mandatory)]
        [string]$PlaintextExportPassword 
        ,
        [Parameter()]
        [string]$CertStorePath = 'cert:\localmachine\my'
        ,
        [Parameter()]
        [string]$PfxOutputPath = '.\selfSignedCert.pfx'
        ,
        [Parameter()]
        [DateTime]$DateTo = (Get-Date).ToUniversalTime().AddYears(1)
        ,
        [Parameter()]
        [Int32]$KeyLength = 2048
        ,
        [Parameter()]
        [Switch]$KeepInKeyStore
    )
    if ($PSCmdlet.ParameterSetName -eq 'PasswordAsString') {
        $ExportPassword = $PlaintextExportPassword | ConvertTo-SecureString -AsPlainText -Force
    }
    [HashTable]$splat = @{
        DnsName = $SanList
        CertStoreLocation = $CertStorePath
        NotAfter = $DateTo
        KeyLength = $KeyLength
    }
    [System.Security.Cryptography.X509Certificates.X509Certificate2]$tempCert = New-SelfSignedCertificate @splat
    Export-PfxCertificate -Cert $tempCert -FilePath $PfxOutputPath -Password $ExportPassword | Out-Null
    if (!$KeepInKeyStore.IsPresent) {
        Remove-Item -Path $tempCert.PSPath
    }
    return ([PSCustomObject]@{
        Path = $PfxOutputPath
        SanList = $SanList
        ExportPassword = $ExportPassword
        Certificate = $tempCert
    })
 }
	Function New-SelfSignedCertPfx {
	[CmdletBinding(DefaultParameterSetName = 'PasswordAsSecureString')]
	Param (
	[Parameter()]
	[string[]]$SanList = @('localhost', '127.0.0.1')
	,
	[Parameter(ParameterSetName = 'PasswordAsSecureString')]
	[SecureString]$ExportPassword = [System.Security.SecureString]::new()
	,
	# note: using the secure string option is recommended... but tbh most real world cases where you'd use this script you're just looking for something quick and easy
	[Parameter(ParameterSetName = 'PasswordAsString', Mandatory)]
	[string]$PlaintextExportPassword
	,
	[Parameter()]
	[string]$CertStorePath = 'cert:\localmachine\my'
	,
	[Parameter()]
	[string]$PfxOutputPath = '.\selfSignedCert.pfx'
	,
	[Parameter()]
	[DateTime]$DateTo = (Get-Date).ToUniversalTime().AddYears(1)
	,
	[Parameter()]
	[Int32]$KeyLength = 2048
	,
	[Parameter()]
	[Switch]$KeepInKeyStore
	)
	if ($PSCmdlet.ParameterSetName -eq 'PasswordAsString') {
	$ExportPassword = $PlaintextExportPassword \| ConvertTo-SecureString -AsPlainText -Force
	}
	[HashTable]$splat = @{
	DnsName = $SanList
	CertStoreLocation = $CertStorePath
	NotAfter = $DateTo
	KeyLength = $KeyLength
	}
	[System.Security.Cryptography.X509Certificates.X509Certificate2]$tempCert = New-SelfSignedCertificate @splat
	Export-PfxCertificate -Cert $tempCert -FilePath $PfxOutputPath -Password $ExportPassword \| Out-Null
	if (!$KeepInKeyStore.IsPresent) {
	Remove-Item -Path $tempCert.PSPath
	}
	return ([PSCustomObject]@{
	Path = $PfxOutputPath
	SanList = $SanList
	ExportPassword = $ExportPassword
	Certificate = $tempCert
	})
	}