How to generate IIS7 CSR (for SSL) from C# code or using Powershell on server which IIS is running
How I can generate a server SSL Certificate Signing Request (CSR) from C#? If PowerShell is a bett开发者_如何学编程er option, that would be a good solution as well.
Some general pointers:
- http://msdn.microsoft.com/en-us/library/aa382488%28VS.85%29.aspx
- http://msdn.microsoft.com/en-us/library/aa382820%28VS.85%29.aspx
- http://msdn.microsoft.com/en-us/library/system.security.cryptography.rsacryptoserviceprovider.aspx
- http://blogs.msdn.com/b/alejacma/archive/2008/09/05/how-to-create-a-certificate-request-with-certenroll-and-net-c.aspx
- http://learn.iis.net/page.aspx/144/how-to-set-up-ssl-on-iis-7/
EDIT - as per comments:
The COM object CertEnroll provided by MS can be accessed via PowerShell...
I know it's three years later, but the links in Yahia's solution state that they will not work for Server 2008. Using PowerShell, I was able to use Certreq.exe, which ships with Server 2008, to generate the CSR. The documentation for Certreq is here, along with the full format for the INF file. Of course, substitute your own values for the distinguished name. The letters correspond to these fields:
- CN: Common Name
- O: Organization
- OU: Organizational Unit
- L: City/locality
- S: State/Province
- C: Country/region
The script assumes you have an environment variable named TEMP that points to a directory for which you have write access:
$reqFile = 'C:\ChangeMe\Request.req'
Push-Location $env:TEMP
@"
[NewRequest]
Subject = "CN=www.contoso.com, O=Contoso Inc, OU=Sales, L=Redmond, S=Washington, C=US"
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
KeyLength = 2048
MachineKeySet = true
FriendlyName = "www.contoso.com"
[RequestAttributes]
CertificateTemplate="WebServer"
"@ | Out-File .\request.inf -Encoding default -Force
certreq -f -new request.inf `"$reqFile`"
Pop-Location
For those who are new to PowerShell, the @" and "@ delimiters must not be indented. (These define what is known as a "Here-String"... more information here.)
加载中,请稍侯......
精彩评论