Skip to main content

Let's Encrypt on Windows

Let's Encrypt Homepage

Posh-ACME

Use Post-ACME to request SAN SSL Certificate for ADFS Server

# Request SSL SAN Certificate from Let's Encrypt
# https://github.com/rmbolger/Posh-ACME
# Minimum PowerShell version: 5.1

# Install Posh-ACME

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

Set-PSRepository -Name PSGallery -InstallationPolicy Trusted

# install for all users (requires elevated privs)
Install-Module -Name Posh-ACME

# install for current user
# Install-Module -Name Posh-ACME -Scope CurrentUser

# Get-ExecutionPolicy
Set-ExecutionPolicy RemoteSigned -Force -Scope CurrentUser

# Open firewall port tcp:80 - Use for http-challange method
# netsh advfirewall firewall add rule name = HTTP dir = in protocol = tcp action = allow localport = 80 profile = PUBLIC

$pfxpass = "password-to-protect-cert-file"
$contact_email = "your-email-address"
$domainname = "your-public-domain-name"
$cn = "adfs.${domainname}"
$san1 = "sts.${domainname}"
$san2 = "enterpriseregistration.${domainname}"
$san3 = "certauth.adfs.${domainname}"

# New-PACertificate "*.${domainname}",$domainname -AcceptTOS -Contact $contact_email

# Request SSL Cert using Godaddy's API Key&Secret
# $gdSecret = Read-Host Secret -AsSecureString
$gdkey = "godaddy-api-key"
$gdsecret = "godaddy-api-secret"
$pArgs = @{GDKey=$gdkey;GDSecret=$gdsecret}

New-PACertificate $cn,$san1,$san2,$san3 -DnsPlugin GoDaddy -PluginArgs $pArgs -AcceptTOS -Contact $contact_email -PfxPass $pfxpass -Install

# Get SSl Cert
Get-PACertificate | Format-List

Popular posts from this blog

GCP: Google Cloud Shell

Google Cloud Shell is a tool for managing resources hosted on Google Cloud Platform! The machine comes pre-installed with the Google Cloud SDK and other popular developer tools.

GitHub CLI

GitHub CLI brings GitHub to your terminal. Free and open source. Official website: https://cli.github.com

[Microsoft Outlook]: Set .pst and .ost files location with ForcePSTPath Registry Key

Set .pst and .ost files location with ForcePSTPath Registry Key The ForcePSTPath registry key is supported by Microsoft Outlook 2003 and later. In Microsoft Outlook 2003 and 2007, it applies to new profiles only. Microsoft Outlook 2013 and Outlook 2016 it applies to new accounts created in a profile. Microsoft Outlook 2013 saves .pst in   %userprofile%\Documents\Outlook Files folder by default. We can change that default setting by adding a new string registry key called ForcePSTPath and set the value to the folder that we want to save those files. Set Microsoft Outlook 2013 always save new .pst and .ost files to D:\Data\Mail folder OST file reached the maximum size The OST File Has Reached The Maximum Size