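# Made by Pete (pluisi@evolveip.net)
#
# Creates a self-signed certificate in the LocalMachine\My store and exports it,
# private key included, to a password-protected PFX file in the current directory.
# The DNS name is taken from the first command-line argument; if none is given,
# the user is prompted for it.
#
# Notes for whoever runs this:
#   - Writing to Cert:\LocalMachine\My needs an elevated (administrator) session.
#   - The certificate stays in the machine store with an exportable private key
#     after the PFX is written. If only the PFX is needed, remove the store copy
#     once the export has been confirmed.

# Prompt the user for a password to secure the generated PFX file.
# -AsSecureString keeps the value off the console and out of a plain string.
$CertPfxPwd = Read-Host -Prompt "Enter a password for the certificate file" -AsSecureString

# The PFX carries the private key, so refuse to protect it with an empty password.
if ($CertPfxPwd.Length -eq 0) {
    throw "A non-empty password is required to protect the PFX file."
}

# Grab the domain name from the command line, or prompt the user for it
if ($args[0]) {
    $DnsName = $args[0]
} else {
    $DnsName = Read-Host -Prompt "Enter the domain name to be used for this certificate"
}

if ([string]::IsNullOrWhiteSpace($DnsName)) {
    throw "A domain name is required to create the certificate."
}

# Build the PFX file name from the domain name.
# The pattern is anchored so that only a trailing ".com" is stripped; unanchored,
# it would also cut ".com" out of the middle of a name such as "www.company.com".
$PfxBaseName = $DnsName -replace '\.com$', ''

# The name comes from user input and is used in a file path: replace characters
# that are not valid in a file name (path separators, '*' from a wildcard name, ...)
# so the export cannot fail on them or land outside the current directory.
$InvalidChars = [regex]::Escape(-join ([System.IO.Path]::GetInvalidFileNameChars()))
$PfxBaseName = $PfxBaseName -replace "[$InvalidChars]", '_'

# Save the PFX in the current working directory the user is in
$PFXFileName = "$PfxBaseName.pfx"
$CertPfxFile = Join-Path -Path $PWD.Path -ChildPath $PFXFileName

# Validity period: five years from now. This is long for a certificate that
# cannot be revoked through a CA; shorten it if the use case allows.
$CertValidityPeriod = (Get-Date).AddYears(5)

# Cert Properties
$CertProp = @{
    CertStoreLocation = "Cert:\LocalMachine\My"
    DnsName           = $DnsName
    # Exportable is what allows the private key to be written to the PFX below.
    KeyExportPolicy   = "Exportable"
    # Legacy CryptoAPI provider; presumably chosen for compatibility with the
    # consumer of the certificate - confirm before changing.
    Provider          = "Microsoft Enhanced RSA and AES Cryptographic Provider"
    NotAfter          = $CertValidityPeriod
}

# Create the certificate, then export it by thumbprint so that exactly the
# certificate created here is the one written to the PFX.
$CertThumbprint = (New-SelfSignedCertificate @CertProp).Thumbprint
Export-PfxCertificate -Cert "Cert:\LocalMachine\My\$CertThumbprint" -FilePath $CertPfxFile -Password $CertPfxPwd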