I have created the following CA and Intermediate using powershell New-SelfSignedCertificate.
I now have a CSR which is generated using openssl/from another source.
Is there an option where the CSR can be signed using the similar powershell option in Windows, so I can put it in the script to run, which I can then import the signed certificate back to the other source.
Note: I understand that I can use openssl to sign the CSR, but looking for option in powershell in Windows. Thanks!
Root CA
$RootCA = New-SelfSignedCertificate -Subject 'CN=KeyCARootCN,O=Test Organisation, OU=Test RootCA,C=AU' -KeyLength 2048 -KeyAlgorithm 'RSA' -HashAlgorithm 'SHA256' -KeyExportPolicy Exportable -KeyUsage KeyEncipherment,DataEncipherment,CertSign,DigitalSignature,CRLSign -Provider 'Microsoft Enhanced RSA and AES Cryptographic Provider' -NotAfter (Get-Date).AddYears(40) -KeyUsageProperty All -TextExtension @(“2.5.29.19 ={critical} {text}ca=1&pathlength=5”) -CertStoreLocation Cert:\LocalMachine\My
$RootCA
$RootCAthumbprint = $RootCA.Thumbprint
$CertRootCAPassword = ConvertTo-SecureString -String “Test123” -Force –AsPlainText
$CertRootCAFilePFX = Export-PfxCertificate -Cert cert:\LocalMachine\My\$RootCAthumbprint -FilePath C:\Users\KeyCARoot.pfx -Password $CertRootCAPassword
$CertRootCAFileCER = Export-Certificate -Cert $RootCA -FilePath C:\Users\KeyCARoot.cer
$CertRootCAFileCER
$CertRootCAPath = 'C:\Users\KeyCARoot.cer'
Import-Certificate -FilePath C:\Users\KeyCARoot.cer -CertStoreLocation Cert:\LocalMachine\Root
Intermediate CA
$InterCA = New-SelfSignedCertificate -Subject 'CN=KeyInterCARootCN,O=Test Organisation, OU=Test InterCA,C=AU' -Signer $RootCA -KeyLength 2048 -HashAlgorithm 'SHA256' -KeyExportPolicy Exportable -KeyUsage KeyEncipherment,DataEncipherment,CertSign,DigitalSignature,CRLSign -Provider 'Microsoft Enhanced RSA and AES Cryptographic Provider' -NotAfter (Get-Date).AddYears(35) -KeyUsageProperty Sign -TextExtension @(“2.5.29.19 = {critical} {text}ca=1&pathlength=0”) -CertStoreLocation Cert:\LocalMachine\My
$InterCAthumbprint = $InterCA.Thumbprint
$CertInterCAPassword = ConvertTo-SecureString -String “Test123” -Force –AsPlainText
$CertInterCAFilePFX = Export-PfxCertificate -Cert cert:\LocalMachine\My\$InterCAthumbprint -FilePath C:\Users\KeyInterCARoot.pfx -Password $CertInterCAPassword
$CertInterCAFileCER = Export-Certificate -Cert $InterCA -FilePath C:\Users\KeyInterCARoot.cer
$CertInterCAFileCER
Import-Certificate -FilePath C:\Users\KeyInterCARoot.cer -CertStoreLocation Cert:\LocalMachine\CA