How to generate IIS7 CSR (for SSL) from C# code or using Powershell on server which IIS is running
Question
How I can generate a server SSL Certificate Signing Request (CSR) from C#? If PowerShell is a better option, that would be a good solution as well.
2 answers
solution1
2 2014-11-26 17:46:55
I know it's three years later, but the links in Yahia's solution state that they will not work for Server 2008. Using PowerShell, I was able to use Certreq.exe, which ships with Server 2008, to generate the CSR. The documentation for Certreq is here , along with the full format for the INF file. Of course, substitute your own values for the distinguished name. The letters correspond to these fields:
- : Common Name :通用名称
- : Organization :组织
- : Organizational Unit :组织单位
- : City/locality :城市/地区
- : State/Province :州/省
- : Country/region :国家/地区
The script assumes you have an environment variable named TEMP that points to a directory for which you have write access:
$reqFile = 'C:\ChangeMe\Request.req'
Push-Location $env:TEMP
@"
[NewRequest]
Subject = "CN=www.contoso.com, O=Contoso Inc, OU=Sales, L=Redmond, S=Washington, C=US"
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
KeyLength = 2048
MachineKeySet = true
FriendlyName = "www.contoso.com"
[RequestAttributes]
CertificateTemplate="WebServer"
"@ | Out-File .\request.inf -Encoding default -Force
certreq -f -new request.inf `"$reqFile`"
Pop-Location
For those who are new to PowerShell, the @" and "@ delimiters must not be indented. (These define what is known as a "Here-String"... more information here .)
solution2
2 ACCPTED 2011-09-29 14:35:17
Some general pointers:
- http://msdn.microsoft.com/en-us/library/aa382488%28VS.85%29.aspx
- http://msdn.microsoft.com/en-us/library/aa382820%28VS.85%29.aspx
- http://msdn.microsoft.com/en-us/library/system.security.cryptography.rsacryptoserviceprovider.aspx
- http://blogs.msdn.com/b/alejacma/archive/2008/09/05/how-to-create-a-certificate-request-with-certenroll-and-net-c.aspx
- http://learn.iis.net/page.aspx/144/how-to-set-up-ssl-on-iis-7/
EDIT - as per comments:
The COM object CertEnroll provided by MS can be accessed via PowerShell...
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.