Script to request a certificate from a Windows CA or issuing CA using PowerShell. This script uses the Get-Certificate cmdlet to request a certificate and exports the PFX file on the local server.

The script accepts the following parameters.

 

.\Request-Certificate.ps1 -CN www.microsoft.com,www.xbox.com -TemplateName WebServer -UseDefault 

 

-CN accepts a string array. The certificate is issued to the first DNS name, and the rest are added to the SANs.

-TemplateName: no points for guessing what the value of this parameter must be.

The -UseDefault switch makes the script use the existing defined subject parameters. If this switch is not used, the script prompts the user to provide the subject parameters.

Once executed, the script requests a certificate from the Windows CA, stores the certificate in the local computer store, generates a random password, exports the certificate in PFX format, and writes the password to a text file.

Note: There is, however, a bug in this script. It cannot issue a wildcard certificate because the script writes the password to a file named after the Issued To name. Since a file name cannot contain an asterisk, writing the password file fails.
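One way to avoid the wildcard failure described above is to derive the file names from a sanitized copy of the Issued To name. This is an added example, not code from Request-Certificate.ps1; the function names `ConvertTo-SafeFileName` and `Export-IssuedCertificate`, the output layout, and the `contoso.com` name are assumptions.

```powershell
# Added example; not code from Request-Certificate.ps1. Function names are hypothetical.
function ConvertTo-SafeFileName {
    param([Parameter(Mandatory)][string]$Name)
    # Map a leading wildcard label ("*.") to a readable token first.
    $safe = $Name -replace '^\*\.', 'wildcard.'
    # Replace any other character Windows forbids in file names.
    foreach ($c in [System.IO.Path]::GetInvalidFileNameChars()) {
        $safe = $safe.Replace($c, [char]'_')
    }
    $safe
}

function Export-IssuedCertificate {
    param(
        [Parameter(Mandatory)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate,
        [Parameter(Mandatory)][string]$CommonName,
        [string]$OutputDirectory = (Get-Location).Path
    )
    $base = ConvertTo-SafeFileName -Name $CommonName

    # Random password from the OS CSPRNG (24 bytes, Base64-encoded).
    $bytes = New-Object byte[] 24
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try { $rng.GetBytes($bytes) } finally { $rng.Dispose() }
    $plain  = [Convert]::ToBase64String($bytes)
    $secure = ConvertTo-SecureString -String $plain -AsPlainText -Force

    $pfxPath = Join-Path $OutputDirectory "$base.pfx"
    $pwdPath = Join-Path $OutputDirectory "$base.txt"
    Export-PfxCertificate -Cert $Certificate -FilePath $pfxPath -Password $secure | Out-Null
    # The password file is clear text: keep the output directory restricted to administrators.
    Set-Content -Path $pwdPath -Value $plain -Encoding ASCII

    [pscustomobject]@{ PfxPath = $pfxPath; PasswordPath = $pwdPath }
}

# Constructed usage: the certificate is whatever the request step returned, e.g.
#   $result = Get-Certificate -Template WebServer -SubjectName 'CN=*.contoso.com' `
#                 -DnsName '*.contoso.com' -CertStoreLocation Cert:\LocalMachine\My
#   Export-IssuedCertificate -Certificate $result.Certificate -CommonName '*.contoso.com'
```

With `*.contoso.com` as the name, the files become `wildcard.contoso.com.pfx` and `wildcard.contoso.com.txt`.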

Any constructive feedback and bug reports are welcome.