Last active
October 4, 2021 18:09
-
-
Save signalwarrant/a3037b904ef928a99dc1ef6e5c9e2617 to your computer and use it in GitHub Desktop.
Advanced Auditing DSC
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Code Source: http://duffney.io/Configure-HTTPS-DSC-PullServerPSv5 | |
| $inf = @" | |
| [Version] | |
| Signature="`$Windows NT`$" | |
| [NewRequest] | |
| Subject = "CN=DC, OU=IT, O=Signalwarrant, L=Augusta, S=SE, C=US" | |
| KeySpec = 1 | |
| KeyLength = 2048 | |
| Exportable = TRUE | |
| FriendlyName = PSDSCPullServerCert | |
| MachineKeySet = TRUE | |
| SMIME = False | |
| PrivateKeyArchive = FALSE | |
| UserProtected = FALSE | |
| UseExistingKeySet = FALSE | |
| ProviderName = "Microsoft RSA SChannel Cryptographic Provider" | |
| ProviderType = 12 | |
| RequestType = PKCS10 | |
| KeyUsage = 0xa0 | |
| "@ | |
| $infFile = "$env:HOMEDRIVE\temp\certrq.inf" | |
| $requestFile = "$env:HOMEDRIVE\temp\request.req" | |
| $CertFileOut = "$env:HOMEDRIVE\temp\certfile.cer" | |
| mkdir $env:HOMEDRIVE\temp | |
| $inf | Set-Content -Path $infFile | |
| & certreq.exe -new "$infFile" "$requestFile" | |
| # Make sure the DC matches everywhere | |
| & certreq.exe -submit -config DC.signalwarrant.local\Signalwarrant-DC-CA -attrib 'CertificateTemplate:WebServer' "$requestFile" "$CertFileOut" | |
| & certreq.exe -accept "$CertFileOut" | |
| ## Copy the certfile to any clients and install the Cert to Local Machine |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment