Posh-ACME
Use Posh-ACME to request a SAN SSL Certificate for an ADFS Server
# Request a SAN SSL certificate from Let's Encrypt with Posh-ACME
# Project: https://github.com/rmbolger/Posh-ACME
# Minimum PowerShell version: 5.1

# --- Install Posh-ACME ---------------------------------------------------
# Limit this session's .NET web requests to TLS 1.2 before contacting the gallery.
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

# NOTE(review): marking PSGallery as Trusted removes the untrusted-repository
# prompt for later installs from that repository too, not only for this module.
Set-PSRepository -Name PSGallery -InstallationPolicy Trusted

# Install for all users (requires an elevated session).
Install-Module -Name Posh-ACME
# Install for the current user only:
# Install-Module -Name Posh-ACME -Scope CurrentUser

# Get-ExecutionPolicy
# -Force skips the confirmation prompt; the scope keeps the change to the current user.
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser -Force

# --- Firewall (HTTP challenge only) --------------------------------------
# Inbound tcp:80 is only used by the http-challenge method. The request below
# validates through the GoDaddy DNS plugin, so the rule is left commented out.
# netsh advfirewall firewall add rule name = HTTP dir = in protocol = tcp action = allow localport = 80 profile = PUBLIC

# --- Settings (placeholders, replace before running) ---------------------
# NOTE(review): the PFX password and the API credentials below are plain-text
# literals. Do not save real values in a script file or a repository; prompt
# for them or read them from a secret store at run time.
$pfxpass       = "password-to-protect-cert-file"
$contact_email = "your-email-address"
$domainname    = "your-public-domain-name"

# Names placed on the certificate. The first entry is the one the original
# script treats as the common name, the rest are the subject alternative names.
$certNames = @(
    "adfs.${domainname}"
    "sts.${domainname}"
    "enterpriseregistration.${domainname}"
    "certauth.adfs.${domainname}"
)

# Alternative: wildcard plus apex domain instead of the explicit names above.
# New-PACertificate "*.${domainname}",$domainname -AcceptTOS -Contact $contact_email

# --- Request the certificate using GoDaddy's API key and secret ----------
# Prompting alternative for the secret. If it is enabled, drop the literal
# $gdsecret assignment below (PowerShell variable names are case-insensitive).
# NOTE(review): whether GDSecret accepts a SecureString depends on the installed
# plugin version; confirm against the plugin's help.
# $gdSecret = Read-Host Secret -AsSecureString
$gdkey    = "godaddy-api-key"
$gdsecret = "godaddy-api-secret"

$goDaddyArgs = @{
    GDKey    = $gdkey
    GDSecret = $gdsecret
}

# -AcceptTOS agrees to the ACME server's terms of service on the operator's behalf.
# -Install asks Posh-ACME to place the issued certificate in the Windows
# certificate store. NOTE(review): presumably needs an elevated session; confirm.
$requestParams = @{
    Domain     = $certNames
    DnsPlugin  = 'GoDaddy'
    PluginArgs = $goDaddyArgs
    AcceptTOS  = $true
    Contact    = $contact_email
    PfxPass    = $pfxpass
    Install    = $true
}
New-PACertificate @requestParams

# --- Show the issued certificate's details -------------------------------
Get-PACertificate | Format-List