-
Notifications
You must be signed in to change notification settings - Fork 119
/
WinrmAppveyor.psm1
32 lines (24 loc) · 1.25 KB
/
WinrmAppveyor.psm1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
function New-ClientCertificate {
param([String]$username, [String]$basePath = ((Resolve-Path .).Path))
$env:OPENSSL_CONF=[System.IO.Path]::GetTempFileName()
Set-Content -Path $env:OPENSSL_CONF -Value @"
distinguished_name = req_distinguished_name
[req_distinguished_name]
[v3_req_client]
extendedKeyUsage = clientAuth
subjectAltName = otherName:1.3.6.1.4.1.311.20.2.3;UTF8:$username@localhost
"@
$user_path = Join-Path $basePath user.pem
$key_path = Join-Path $basePath key.pem
$pfx_path = Join-Path $basePath user.pfx
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -out $user_path -outform PEM -keyout $key_path -subj "/CN=$username" -extensions v3_req_client 2>&1
openssl pkcs12 -export -in $user_path -inkey $key_path -out $pfx_path -passout pass: 2>&1
del $env:OPENSSL_CONF
}
function New-WinrmUserCertificateMapping {
param([String]$issuer)
$secure_pass = ConvertTo-SecureString $env:winrm_password -AsPlainText -Force
$cred = New-Object System.Management.Automation.PSCredential ($env:winrm_user, $secure_pass)
New-Item -Path WSMan:\localhost\ClientCertificate -Subject "$env:winrm_user@localhost" -URI * -Issuer $issuer -Credential $cred -Force
}
Export-ModuleMember New-ClientCertificate, New-WinrmUserCertificateMapping