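# use this script only for debug purpose.
#
# Copies the certificate cache file (.pfx) into .\certificates and writes the
# cache password next to it. Both files are named after the second and third
# whitespace-separated tokens of the certificate friendly name.
#
# SECURITY: the PFX password is written in clear text beside the PFX it
# protects, so anyone who can read .\certificates can use the private key.
# Restrict access to that folder and delete both files once debugging is done.
#
# Parameters:
#   NewCertThumbprint - accepted for the caller's positional order; not used here.
#   CertFriendlyName  - friendly name; tokens 1 and 2 (0-based) become the file name.
#   CacheFile         - path of the .pfx file to copy.
#   CachePassword     - password of that .pfx file.
param(
    [Parameter(Position=0,Mandatory=$true)]
    [string]
    $NewCertThumbprint,
    [Parameter(Position=1,Mandatory=$true)]
    [string]
    $CertFriendlyName,
    [Parameter(Position=2,Mandatory=$true)]
    [string]
    $CacheFile,
    [Parameter(Position=3,Mandatory=$true)]
    [string]
    $CachePassword
)

# Fail with a clear message instead of a null-method error when the friendly
# name does not have the expected shape.
$names = $CertFriendlyName.Split()
if ($names.Count -lt 3) {
    throw "CertFriendlyName must contain at least three whitespace-separated tokens: '$CertFriendlyName'"
}

$name = $names[1].Replace("*", "_")
$date = $names[2].Replace("/", "-")

# Both tokens end up in a file name. Replace every character that is not valid
# there (path separators, ':' and so on) so the output stays inside .\certificates.
foreach ($invalidChar in [System.IO.Path]::GetInvalidFileNameChars()) {
    $name = $name.Replace($invalidChar, [char]'_')
    $date = $date.Replace($invalidChar, [char]'_')
}

$outDir = ".\certificates"
if (-not (Test-Path -LiteralPath $outDir)) {
    New-Item -ItemType Directory -Path $outDir | Out-Null
}

# -LiteralPath stops wildcard characters in the inputs from being expanded.
Copy-Item -LiteralPath $CacheFile -Destination (Join-Path $outDir "$name-$date.pfx")
# Out-File matches what the '>' redirection produced before (same default encoding).
$CachePassword | Out-File -LiteralPath (Join-Path $outDir "$name-$date-password.txt")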
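# Collects the settings needed to request a certificate with win-acme using
# Azure DNS validation. Every parameter is optional; any value that was not
# supplied on the command line is prompted for interactively.
#
# NOTE(review): $zoneName is collected here but is not passed to the wacs.exe
# call at the end of this script - confirm whether it is still needed.
param(
    [Parameter(Mandatory = $false)]
    [string]
    $zoneName,
    [Parameter(Mandatory = $false)]
    [string]
    $resourceGroupName,
    [Parameter(Mandatory = $false)]
    [string]
    $clientId,
    [Parameter(Mandatory = $false)]
    [string]
    $clientSecret,
    [Parameter(Mandatory = $false)]
    [string]
    $tenantId,
    [Parameter(Mandatory = $false)]
    [string]
    $subscriptionId,
    [Parameter(Mandatory = $false)]
    [string]
    $targetHost
)

if (-not $targetHost) {
    $targetHost = Read-Host "enter target hostname: "
}
if (-not $zoneName) {
    $zoneName = Read-Host "enter target zoneName: "
}
if (-not $resourceGroupName) {
    $resourceGroupName = Read-Host "enter resource group name: "
}
if (-not $clientId) {
    $clientId = Read-Host "enter client id which have permission to edit dns zone: "
}
if (-not $clientSecret) {
    # -AsSecureString keeps the secret from being echoed to the console while
    # it is typed.
    $secureSecret = Read-Host "enter client secret: " -AsSecureString
    # The rest of the script hands the secret to wacs.exe as a plain string,
    # so it is converted back here. Supplying -clientSecret on the command line
    # still exposes it in shell history; prefer the prompt.
    $clientSecret = (New-Object System.Net.NetworkCredential("", $secureSecret)).Password
}
if (-not $tenantId) {
    $tenantId = Read-Host "enter tenant id: "
}
if (-not $subscriptionId) {
    $subscriptionId = Read-Host "enter subscription id: "
}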
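# Pinned win-acme release. The archives are fetched only when wacs.exe is not
# already present under .\win-acme.
$winacmeVersion = "v2.0.7.315"
if (-not (Test-Path ".\win-acme\wacs.exe")) {
    [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

    # WebClient resolves relative paths against the .NET process directory,
    # which can differ from PowerShell's current location. Use absolute paths so
    # the files land where Expand-Archive and the later steps look for them.
    $here = (Get-Location).ProviderPath
    $releaseBase = "https://github.com/PKISharp/win-acme/releases/download/$winacmeVersion"
    $downloads = @(
        @{ Url = "$releaseBase/win-acme.$winacmeVersion.zip";       File = (Join-Path $here "win-acme.zip") },
        @{ Url = "$releaseBase/win-acme.azure.$winacmeVersion.zip"; File = (Join-Path $here "win-acme-azure.zip") },
        # The raw URL pins one specific revision of the helper script.
        @{ Url = "https://gist.githubusercontent.com/watahani/b22e4f2ce1f05eb972241adc593ab56c/raw/4cd73174a6e4bb48d25cc45ca083a894ea1fff93/copy-pfxfile.ps1"; File = (Join-Path $here "copy-pfxfile.ps1") }
    )

    $client = New-Object System.Net.WebClient
    try {
        foreach ($item in $downloads) {
            $client.DownloadFile($item.Url, $item.File)
            # Nothing below verifies the downloads beyond TLS. Print each SHA-256
            # so the operator can compare it with a value obtained from a trusted
            # source before relying on the extracted binaries.
            $hash = Get-FileHash -Algorithm SHA256 -LiteralPath $item.File
            Write-Host ("SHA256 {0}  {1}" -f $hash.Hash, $item.File)
        }
    }
    finally {
        $client.Dispose()
    }

    # Both archives are unpacked into the same .\win-acme folder.
    $target = Join-Path $here "win-acme"
    Expand-Archive -LiteralPath (Join-Path $here "win-acme.zip") -DestinationPath $target
    Expand-Archive -LiteralPath (Join-Path $here "win-acme-azure.zip") -DestinationPath $target
}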
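# Ensures wacs.exe.config contains <loadFromRemoteSources enabled="true"/>
# under configuration/runtime, adding the element when it is absent.
#
# SECURITY: loadFromRemoteSources is a trust relaxation - it lets the .NET
# Framework load assemblies that come from remote sources with full trust.
# Only enable it for archives whose origin and integrity have been checked.

# XmlDocument.Save resolves relative paths against the .NET process directory,
# not PowerShell's current location, so work with the absolute path throughout.
$configPath = (Resolve-Path -LiteralPath ".\win-acme\wacs.exe.config").ProviderPath
$settingxml = [xml](Get-Content -LiteralPath $configPath)

# An existing element is left untouched, whatever its "enabled" value is.
if (-not $settingxml.configuration.runtime.loadFromRemoteSources) {
    # <loadFromRemoteSources enabled="true"/>
    $loadFromRemoteSources = $settingxml.CreateElement("loadFromRemoteSources")
    $loadFromRemoteSources.SetAttribute("enabled", "true")
    $settingxml.configuration.runtime.AppendChild($loadFromRemoteSources) | Out-Null
    $settingxml.Save($configPath)
}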
# Runs win-acme for a single manually specified host ($targetHost) using DNS-01
# validation through the azure validation plugin, with the Azure tenant, client,
# subscription and resource group values collected above. The result is stored
# as PEM files in the current location and in the certificate store, then
# .\copy-pfxfile.ps1 is run as the installation script with the four
# {placeholder} values as its parameters.
#
# SECURITY: $clientSecret is passed as a command-line argument (--azuresecret),
# and {CachePassword} is handed to the installation script as an argument too.
# Command lines can typically be read by other processes and logging on the same
# machine, so run this only on a host you control.
# The copy-pfxfile.ps1 shown on this page writes that password to a plain-text
# file under .\certificates - debug use only.
#
# NOTE(review): the space after the comma in "--store pemfiles, certificatestore"
# makes PowerShell treat the value as a two-element list; confirm wacs.exe
# receives the store list in the form it expects.
.\win-acme\wacs.exe --validationmode dns-01 --validation azure `
--azuretenantid $tenantId --azureclientid $clientId --azuresecret $clientSecret --azuresubscriptionid $subscriptionId --azureresourcegroupname $resourceGroupName `
--target manual --host $targetHost --store pemfiles, certificatestore --pemfilespath $(pwd) --installation script --script ".\copy-pfxfile.ps1" --scriptparameters "'{CertThumbprint}' '{CertFriendlyName}' '{CacheFile}' '{CachePassword}'"