Generating a Self-Signed Certificate for Scripts

Please run the following as Administrator.

# This generates a self-signed certificate that can be imported into Secret Server
# Requires .NET 4.5 or above
# Please Run As Administrator

### User Variables ###
# Filename of PFX
$filename = 'PFXNAMEHERE.PFX'

# Certificate Password for PFX
$pass = Read-Host -Prompt "Please Enter Password for .pfx file" -AsSecureString
# DNS name in certificate
$dnsname = Read-Host -Prompt "Please enter the server's FQDN"

###--Commands--###
# NOTE: The provider must be set for compatibility with .NET 4.5; newer versions of .NET can import certificates from more providers
try {
    $cert = New-SelfSignedCertificate -CertStoreLocation cert:\localmachine\my -DnsName $dnsname -HashAlgorithm SHA256 -KeyLength 4096 -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider"
    $path = 'cert:\localmachine\my\' + $cert.thumbprint
    Export-PfxCertificate -Cert $path -FilePath $filename -Password $pass
    # remove from cert store
    Remove-Item $path
}
catch { Write-Error $_ }
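
A check to run after the export, as an added example that is not part of the original script: it reloads the .pfx with the same password and confirms the properties the script requested (private key present, 4096-bit RSA, SHA-256 signature, expected DNS name) and that the temporary copy is gone from the LocalMachine\My store. Test-ExportedPfx is a hypothetical helper name, and the function assumes it is run in the same session as the script above.

```powershell
# Added example: Test-ExportedPfx is a hypothetical helper, not part of the original script.
function Test-ExportedPfx {
    param(
        [Parameter(Mandatory)] [string]       $Path,
        [Parameter(Mandatory)] [securestring] $Password,
        [Parameter(Mandatory)] [string]       $ExpectedDnsName
    )

    # .NET resolves relative paths against the process working directory,
    # not the current PowerShell location, so pass it a full path.
    $fullPath = (Resolve-Path -LiteralPath $Path).ProviderPath

    # Throws if the password is wrong or the file is not a valid PFX.
    # Loading the file this way does not add the certificate to any store.
    $cert = New-Object -TypeName System.Security.Cryptography.X509Certificates.X509Certificate2 `
                       -ArgumentList $fullPath, $Password
    try {
        [pscustomobject]@{
            Thumbprint        = $cert.Thumbprint
            # Without the private key the PFX is of no use for signing or TLS.
            HasPrivateKey     = $cert.HasPrivateKey
            KeySizeIs4096     = ($cert.PublicKey.Key.KeySize -eq 4096)
            # 1.2.840.113549.1.1.11 is the OID for sha256WithRSAEncryption.
            SignatureIsSha256 = ($cert.SignatureAlgorithm.Value -eq '1.2.840.113549.1.1.11')
            DnsNameMatches    = ($cert.GetNameInfo('DnsName', $false) -eq $ExpectedDnsName)
            SelfSigned        = ($cert.Subject -eq $cert.Issuer)
            # The script deletes the store copy after export; a leftover entry
            # means the private key is still present on this machine.
            RemovedFromStore  = -not (Test-Path -LiteralPath "Cert:\LocalMachine\My\$($cert.Thumbprint)")
        }
    }
    finally {
        # Release the key material loaded from the file (Reset works on .NET 4.5).
        $cert.Reset()
    }
}

# Usage, with the variables set by the script above:
# Test-ExportedPfx -Path $filename -Password $pass -ExpectedDnsName $dnsname | Format-List
```

Every boolean field in the output should be True; a False value for RemovedFromStore means the Remove-Item step did not run and the certificate should be deleted from the store manually.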