i came up with this today
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
<span class="pln">add</span><span class="pun">-</span><span class="pln">type </span><span class="pun">@</span><span class="str">" using System.Net; using System.Security.Cryptography.X509Certificates; public class TrustAllCertsPolicy : ICertificatePolicy { public bool CheckValidationResult( ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) { return true; } } "</span><span class="pun">@</span> <span class="pun">[</span><span class="typ">System</span><span class="pun">.</span><span class="typ">Net</span><span class="pun">.</span><span class="typ">ServicePointManager</span><span class="pun">]::</span><span class="typ">CertificatePolicy</span> <span class="pun">=</span> <span class="typ">New</span><span class="pun">-</span><span class="typ">Object</span> <span class="typ">TrustAllCertsPolicy</span> you can look up the thumbprint to compare which one it is get-childitem Cert:\CurrentUser\My $superadmin = get-childitem Cert:\CurrentUser\My\YOUR_SUPERADMIN_CERT_HASH invoke-webrequest -Uri "https://infralab.local:32768/ejbca/publicweb/webdist/certdist?cmd=lastcert&installtobrowser=&subject=CN%3dgregu.host.com&format=chain&hidemenu=false" -method "Get" -Certificate $superadmin what's left is to generate the cert order via csr. this just just downloading the already made cert. |
