Scenario: I am using PowerShell on Windows Server 2012r2 to generate a Root certificate and want to use that to sign a newly created Intermediate and Web certificate in
How about simply doing this:
$ExpiryInYears = 5   # example value; the variable was not set in the original snippet

# Backticks continue the command across lines
$cert = New-SelfSignedCertificate -FriendlyName "MyCA" `
    -KeyExportPolicy ExportableEncrypted `
    -Provider "Microsoft Strong Cryptographic Provider" `
    -Subject "SN=TestRootCA" -NotAfter (Get-Date).AddYears($ExpiryInYears) `
    -CertStoreLocation Cert:\LocalMachine\My -KeyUsageProperty All `
    -KeyUsage CertSign, CRLSign, DigitalSignature
Important parameters are -KeyUsageProperty and -KeyUsage.
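The same parameters carried through the root, intermediate and web chain the question asks about, as an added example that is not code from the question or the answer. It assumes a New-SelfSignedCertificate version that has -Signer, -KeyUsage and -TextExtension (Windows 10 / Server 2016 or later; the Windows Server 2012 R2 cmdlet does not), and every subject name, lifetime and DNS name in it is a constructed placeholder.

```powershell
# Added example. Run elevated (LocalMachine store). Names, lifetimes and the
# DNS name below are constructed placeholders.
$store = 'Cert:\LocalMachine\My'

# Root CA: -Type Custom avoids the default server/client-auth EKU. The key may
# only sign certificates and CRLs; pathlength=1 allows one CA level below it.
$root = New-SelfSignedCertificate -Type Custom `
    -Subject 'CN=Example Test Root CA' -CertStoreLocation $store `
    -KeyUsageProperty Sign -KeyUsage CertSign, CRLSign `
    -TextExtension @('2.5.29.19={text}CA=true&pathlength=1') `
    -KeyExportPolicy NonExportable -NotAfter (Get-Date).AddYears(10)

# Intermediate CA: signed by the root; pathlength=0 means it can issue
# end-entity certificates but no further CA certificates.
$intermediate = New-SelfSignedCertificate -Type Custom `
    -Subject 'CN=Example Test Intermediate CA' -CertStoreLocation $store `
    -Signer $root `
    -KeyUsageProperty Sign -KeyUsage CertSign, CRLSign `
    -TextExtension @('2.5.29.19={text}CA=true&pathlength=0') `
    -KeyExportPolicy NonExportable -NotAfter (Get-Date).AddYears(5)

# Web certificate: signed by the intermediate, no CertSign usage. The default
# certificate type adds the server/client authentication EKU and the SAN.
$web = New-SelfSignedCertificate -DnsName 'www.example.test' `
    -CertStoreLocation $store -Signer $intermediate `
    -KeyUsage DigitalSignature, KeyEncipherment `
    -KeyExportPolicy NonExportable -NotAfter (Get-Date).AddYears(1)

# Check the result: build the chain from the web certificate and list the
# key usages of each element. The test root is not in Trusted Root, so an
# unknown CA is tolerated here for this structural check only.
$chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
$chain.ChainPolicy.RevocationMode = 'NoCheck'
$chain.ChainPolicy.VerificationFlags = 'AllowUnknownCertificateAuthority'
[void]$chain.ChainPolicy.ExtraStore.Add($intermediate)
[void]$chain.ChainPolicy.ExtraStore.Add($root)
$built = $chain.Build($web)
"Chain built: $built"
foreach ($element in $chain.ChainElements) {
    $ku = $element.Certificate.Extensions | Where-Object {
        $_ -is [System.Security.Cryptography.X509Certificates.X509KeyUsageExtension] }
    '{0} -> {1}' -f $element.Certificate.Subject, $ku.KeyUsages
}
```

Only the two CA certificates carry CertSign and CRLSign, so a stolen web server key cannot be used to issue further certificates under this chain.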