TrustedNew-SelfSignedCertificate
Posted: Sun Oct 13, 2019 8:42 am
----------------------------------------------------------
from SLACK
----------------------------------------------------------
Can you create a doc of how you did it?
Antonio Linares 09:49 Uhr
good morning: sonnig:
1. Create the TrustedNew-SelfSignedCertificate -CertStoreLocation Cert: \ LocalMachine \ My -DnsName "FiveTech Certificate Authority" -KeyUsage CertSign, CRLSign, DataEncipherment, DigitalSignature, KeyAgreement1.1 certificate. Point the thumbprint of the certificate (in this case 1C5DED4F0340FB7872A2EB9F36B8D3588F22F602) 2. Export private key and certificate $ pwd = ConvertTo-SecureString -String "1234" -Force -AsPlainText
Export-PfxCertificate -cert Cert: \ LocalMachine \ My \ 1C5DED4F0340FB7872A2EB9F36B8D3588F22F602 -FilePath root-authority.pfx -Password $ pwd
Export-Certificate -Cert Cert: \ LocalMachine \ My \ 1C5DED4F0340FB7872A2EB9F36B8D3588F22F602 -FilePath root-authority.crt3. Import the .crt to "Trusted Root Certification Authorities" 4. Create certificate signed with that Trusted $ rootcert = (Get-ChildItem -Path Cert: \ LocalMachine \ My \ 1C5DED4F0340FB7872A2EB9F36B8D3588F22F602)
New-SelfSignedCertificate -CertStoreLocation Cert: \ LocalMachine \ My -DnsName "fivetech" -Signer $ rootcert5. Select it in Bindings in IIS. And voila: zwinkern:
image.png
image.png
Antonio Linares 09:57 Uhr
image.png
image.png
Charly: palme: 10:07 Uhr
Account for all this to serve, plis: leichtes_lächeln:
Antonio Linares 10:16 Uhr
Suppose a client wants us to make a web app using mod_harbour but wants the application to work using https
So we generate a certificate for free and we can start using the app by https
from SLACK
----------------------------------------------------------
Can you create a doc of how you did it?
Antonio Linares 09:49 Uhr
good morning: sonnig:
1. Create the TrustedNew-SelfSignedCertificate -CertStoreLocation Cert: \ LocalMachine \ My -DnsName "FiveTech Certificate Authority" -KeyUsage CertSign, CRLSign, DataEncipherment, DigitalSignature, KeyAgreement1.1 certificate. Point the thumbprint of the certificate (in this case 1C5DED4F0340FB7872A2EB9F36B8D3588F22F602) 2. Export private key and certificate $ pwd = ConvertTo-SecureString -String "1234" -Force -AsPlainText
Export-PfxCertificate -cert Cert: \ LocalMachine \ My \ 1C5DED4F0340FB7872A2EB9F36B8D3588F22F602 -FilePath root-authority.pfx -Password $ pwd
Export-Certificate -Cert Cert: \ LocalMachine \ My \ 1C5DED4F0340FB7872A2EB9F36B8D3588F22F602 -FilePath root-authority.crt3. Import the .crt to "Trusted Root Certification Authorities" 4. Create certificate signed with that Trusted $ rootcert = (Get-ChildItem -Path Cert: \ LocalMachine \ My \ 1C5DED4F0340FB7872A2EB9F36B8D3588F22F602)
New-SelfSignedCertificate -CertStoreLocation Cert: \ LocalMachine \ My -DnsName "fivetech" -Signer $ rootcert5. Select it in Bindings in IIS. And voila: zwinkern:
image.png
image.png
Antonio Linares 09:57 Uhr
image.png
image.png
Charly: palme: 10:07 Uhr
Account for all this to serve, plis: leichtes_lächeln:
Antonio Linares 10:16 Uhr
Suppose a client wants us to make a web app using mod_harbour but wants the application to work using https
So we generate a certificate for free and we can start using the app by https