How I can generate a server SSL Certificate Signing Request (CSR) from C#? If PowerShell is a better option, that would be a good solution as well.
I know it's three years later, but the links in Yahia's solution state that they will not work for Server 2008. Using PowerShell, I was able to use Certreq.exe, which ships with Server 2008, to generate the CSR. The documentation for Certreq is here , along with the full format for the INF file. Of course, substitute your own values for the distinguished name. The letters correspond to these fields:
The script assumes you have an environment variable named TEMP that points to a directory for which you have write access:
$reqFile = 'C:\ChangeMe\Request.req'
Push-Location $env:TEMP
@"
[NewRequest]
Subject = "CN=www.contoso.com, O=Contoso Inc, OU=Sales, L=Redmond, S=Washington, C=US"
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
KeyLength = 2048
MachineKeySet = true
FriendlyName = "www.contoso.com"
[RequestAttributes]
CertificateTemplate="WebServer"
"@ | Out-File .\request.inf -Encoding default -Force
certreq -f -new request.inf `"$reqFile`"
Pop-Location
For those who are new to PowerShell, the @"
and "@
delimiters must not be indented. (These define what is known as a "Here-String"... more information here .)
Some general pointers:
EDIT - as per comments:
The COM object CertEnroll
provided by MS can be accessed via PowerShell...
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.