堆栈内存溢出
  简体   繁体   English

我正在尝试使用 Powershell 在 win server 2012r2 机器上创建自签名证书。目的是将流量从 HTTP 重定向到 HTTPS

[英]I'm trying to create a self signed certificate on win server 2012r2 machine using Powershell. The intent is to redirect traffic from HTTP to HTTPS

 原文  2021-08-23 16:10:14       powershell/ ssl/ iis/ self-signed-certificate/ root-certificate

问题描述

I'm trying to create a self signed certificate on win server 2012r2 machine using Powershell. The intent is to redirect traffic from HTTP to HTTPS.我正在尝试使用 Powershell 在 win server 2012r2 机器上创建自签名证书。目的是将流量从 HTTP 重定向到 HTTPS。

a. A。 do we always need a self signed Root certificate before we create a client certificate?在创建客户端证书之前,我们总是需要一个自签名根证书吗? If yes, how do we repurpose an existing self signed Root certificate?如果是,我们如何重新利用现有的自签名根证书?

b. b. If we are using the existing self signed Root certificate to create a client certificate, the Powershell commands that I see are not compatible with win2012R2.如果我们使用现有的自签名根证书创建客户端证书,我看到的 Powershell 命令与 win2012R2 不兼容。 can someone share the version specific commands?有人可以分享版本特定的命令吗?

1 个解决方案

解决方案1
 0  2021-08-23 19:04:39

You can create a self-signed certificate with this command in Server 2019您可以在 Server 2019 中使用此命令创建自签名证书

https://learn.microsoft.com/en-us/powershell/module/pki/new-selfsignedcertificate?view=windowsserver2019-ps https://learn.microsoft.com/en-us/powershell/module/pki/new-selfsignedcertificate?view=windowsserver2019-ps

You can try the PSPKI module on server 2012R2您可以在服务器 2012R2 上试用 PSPKI 模块

https://github.com/PKISolutions/PSPKI https://github.com/PKISolutions/PSPKI

it contains the command New-SelfSignedCertificateEx that creates a self-signed cert.它包含创建自签名证书的命令New-SelfSignedCertificateEx

A bunch of other methods to create self signed certs: https://medium.com/the-new-control-plane/generating-self-signed-certificates-on-windows-7812a600c2d8一系列其他创建自签名证书的方法: https://medium.com/the-new-control-plane/generating-self-signed-certificates-on-windows-7812a600c2d8

In IIS you need to bind the certificate to your website.在 IIS 你需要将证书绑定到你的网站。 The certificate will not be trusted by your clients because it is self-signed.该证书不会被您的客户信任,因为它是自签名的。 However, you can import the self-signed certificate to your client's local certificate store.但是,您可以将自签名证书导入客户端的本地证书存储区。

In case you want to build a proper environment, a PKI is needed.如果您想构建一个合适的环境,则需要 PKI。
https://social.tec.net.microsoft.com/wiki/contents/articles/11750.adcs-step-by-step-guide-single-tier-pki-hierarchy-deployment.aspx https://social.tec.net.microsoft.com/wiki/contents/articles/11750.adcs-step-by-step-guide-single-tier-pki-hierarchy-deployment.aspx

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 使用PowerShell创建自签名证书 - Using PowerShell to Create Self-Signed Certificate 如何从使用 PowerShell 自签名的 web 服务器下载证书? - How do I download the certificate from a web server that is self signed using PowerShell? Packer - Windows Server 2012R2 - 安装PowerShell 5 - Packer - Windows Server 2012R2 - Install PowerShell 5 需要自签证书Win2012 r2 SHA256 4年到期 - Need Self-Signed Certificate Win2012 r2 SHA256 4-year expiration 使用PowerShell创建2048位长的自签名证书 - Using PowerShell to Create Self-Signed Certificate of 2048 bits length 从powershell创建自签名的iis ssl证书 - Create self signed iis ssl certificate from powershell 使用powershell禁用自动更新(2012R2) - Disable automatic updates (2012R2) with powershell Windows 2012R2中的Powershell脚本未运行 - Powershell scripts in Windows 2012R2 not running 无法使用 Powershell 生成自签名证书 - Unable to generate self signed certificate using Powershell 如何使用Powershell通过https将自签名证书发送给客户端 - How to send a self signed certificate to clients over https with powershell
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM