Reputation: 767
Creating self signed certificate - ./makecert using powershell
I'm using the below code for enabling WinRM https listener but while executing the code in Powershell, I am getting the following error:
.\makecert : The term '.\makecert' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
I tried to provide the fully qualified path of cert.exe, but that didn't work. After providing the fully qualified path, I started getting the following new error:
Get-Random : Parameter cannot be processed because the parameter name 'e' is ambiguous. Possible matches include: -ErrorAction -ErrorVariable
Full code:
function Configure-WinRMHttpsListener
{
param(
[Parameter(Mandatory = $true)]
[string] $HostName,
[Parameter(Mandatory = $true)]
[string] $port)
# Delete the WinRM Https listener if it is already configured
Delete-WinRMListener
# Create a test certificate
$thumbprint = (Get-ChildItem cert:\LocalMachine\My | Where-Object { $_.Subject -eq "CN=" + $hostname } | Select-Object -Last 1).Thumbprint
if(-not $thumbprint)
{
#$serial = Get-Random
#"C:\Program Files (x86)\Windows Kits\10\bin\x64\makecert.exe" -r -pe -n CN=$hostname -b 01/01/2012 -e 01/01/2022 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localmachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 -# $serial
#$thumbprint=(Get-ChildItem cert:\Localmachine\my | Where-Object { $_.Subject -eq "CN=" + $hostname } | Select-Object -Last 1).Thumbprint
#C:\Program Files (x86)\Windows Kits\10\bin\x86\makecert -r -pe -n CN=$hostname -b 01/01/2012 -e 01/01/2022 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localmachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12
$serial = Get-Random .\makecert -r -pe -n CN=$hostname -b 01/01/2012 -e 01/01/2022 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localmachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 -# $serial
$thumbprint=(Get-ChildItem cert:\Localmachine\my | Where-Object { $_.Subject -eq "CN=" + $hostname } | Select-Object -Last 1).Thumbprint
if(-not $thumbprint)
{
throw "Failed to create the test certificate."
}
}
$response = cmd.exe /c .\winrmconf.cmd $hostname $thumbprint
}
Upvotes: 2
Views: 1669
Answers (1)
Reputation: 23355
$serial = Get-Random .\makecert -r -pe -n CN=$hostname -b 01/01/2012 -e 01/01/2022 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localmachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 -# $serial
Is actually two separate lines of code that seem to have inadvertently got merged on to one ($serial = get-random being the first line). They either need to be separated by a semi-colon (after get-random) or put on two separate lines as fllows. You'll also probably need to use the full path to Makecert.exe (or alternatively be running the script from the directory it is in but still referencing it as .\makecert.exe):
Correct the above code to this:
$serial = Get-Random
& "C:\Program Files (x86)\Windows Kits\10\bin\x64\makecert.exe" -r -pe -n CN=$hostname -b 01/01/2012 -e 01/01/2022 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr localmachine -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 -# $serial
Upvotes: 1
Related Questions
- Signing a PowerShell script with self-signed certificates (and without makecert.exe)
- How can I create a self signed certificate?
- How to create the code signing certificate through the New-SelfSignedCertificate cmdlet
- Unable to generate self signed certificate using Powershell
- How to translate a MakeCert command to New-SelfSignedCertificate command?
- Using PowerShell to Create Self-Signed Certificate
- Creating self-signed PowerShell scripts start to finish
- Powershell assigning a Certificate
- How do I generate a self-signed certificate and use it to sign my powershell script?
- makecert requesting password