From 7e001746209cdc3524dd6f430621ab8d341b83ef Mon Sep 17 00:00:00 2001 From: Matthew McKinnon Date: Thu, 5 Dec 2024 21:38:06 +1000 Subject: [PATCH] Initial Commit --- general/Accept-CSR.ps1 | 27 +++++++++++++++++++++++++++ general/New-CSR.ps1 | 38 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 65 insertions(+) create mode 100644 general/Accept-CSR.ps1 create mode 100644 general/New-CSR.ps1 diff --git a/general/Accept-CSR.ps1 b/general/Accept-CSR.ps1 new file mode 100644 index 0000000..2e9cee1 --- /dev/null +++ b/general/Accept-CSR.ps1 @@ -0,0 +1,27 @@ +# Get Certificate +$Path = ($pwd).Path +$CertificateName = (Get-ChildItem $Path | Where { $_.Name -like "*.crt" }).Name +certreq -accept "$Path\$CertificateName" + +# Get Certificate details +$OldCert = Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.Subject -like "*remote.jwafurniture.com.au*" } | Select-Object -Property Thumbprint, Subject, @{n = 'ExpireInDays'; e = { ($_.notafter - (Get-Date)).Days } } | Where-Object { $_.ExpireInDays -lt 30 } + +$NewCert = Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.Subject -like "*remote.jwafurniture.com.au*" } | Select-Object -Property Thumbprint, Subject, @{n = 'ExpireInDays'; e = { ($_.notafter - (Get-Date)).Days } } | Where-Object { $_.ExpireInDays -gt 300 } + +# Update IIS Bindings +$bindingInfo = "IIS:\SSLBindings\*!443" +$newcert | Set-Item -Path $bindingInfo + +#Remove Old Certificate +$Thumb = $OldCert.Thumbprint +Get-ChildItem Cert:\LocalMachine\My\$Thumb | Remove-Item + +$Cert_PWD = ConvertTo-SecureString -String "Passw0rd!" -Force -AsPlainText +$exportPath = 'exported.pfx' +$iiscert = Get-ChildItem Cert:\LocalMachine\My\$Thumb +Export-PfxCertificate -Cert $iiscert -FilePath $exportPath -Password $Cert_PWD -Force +Set-RDCertificate -Role RDGateway -ImportPath "$exportPath" -Password $Cert_PWD -Force +Set-RDCertificate -Role RDWebAccess -ImportPath "$exportPath" -Password $Cert_PWD -Force +Set-RDCertificate -Role RDRedirector -ImportPath "$exportPath" -Password $Cert_PWD -Force +Set-RDCertificate -Role RDPublishing -ImportPath "$exportPath" -Password $Cert_PWD -Force + diff --git a/general/New-CSR.ps1 b/general/New-CSR.ps1 new file mode 100644 index 0000000..e33f546 --- /dev/null +++ b/general/New-CSR.ps1 @@ -0,0 +1,38 @@ +[CmdletBinding()] +param ( + [Parameter(Mandatory)] + [string]$DomainName +) +$CertName = "$DomainName" + +Write-Host "Creating CertificateRequest(CSR) for $CertName" + +$CSRPath = "$($CertName)_.csr" +$INFPath = "$($CertName)_.inf" +$Signature = '$Windows NT$' +$INF = +@" +[Version] +Signature= "$Signature" +[NewRequest] +Subject = "CN=$CertName, L=Brisbane, S=QLD, C=AU" +KeySpec = 1 +KeyLength = 4096 +Exportable = TRUE +MachineKeySet = TRUE +SMIME = False +PrivateKeyArchive = FALSE +UserProtected = FALSE +UseExistingKeySet = FALSE +ProviderName = "Microsoft RSA SChannel Cryptographic Provider" +ProviderType = 12 +RequestType = PKCS10 +KeyUsage = 0xa0 +[EnhancedKeyUsageExtension] +OID=1.3.6.1.5.5.7.3.1 +"@ +write-Host "Certificate Request is being generated `r " +$INF | out-file -filepath $INFPath -force +certreq -new $INFPath $CSRPath +write-output "Certificate Request has been generated" +Get-Content "$($CertName)_.csr" \ No newline at end of file