...
Log into a server joined to the Austin Active Directory as a user with permissions to request a certificate from the desired template
Open an administrative PowerShell prompt
In the same administrative PowerShell prompt, run the following command to set the filename and subject of the certificate:
Code Block $cert_url = <FQDN for the certificate>
In the same administrative PowerShell prompt, run one or more of the following to export the certificate:
To export the public and private keys in to a PFX file, run the following commands:
Code Block $cert_file = $cert_url.Split(".")[0] + "_" + (Get-Date -Format yyyyMMdd-HHmmss) $cert_file_pfx = ((Get-Location).Path + "\" + $cert_file + ".pfx") $cert_cred = Get-Credential -Credential "Certificate" $cert_obj = Get-ChildItem -Path "cert:\LocalMachine\My" | Where-Object {$_.Subject -match $cert_url} | Sort-Object NotBefore -Descending | Select-Object -First 1 $cert_obj | Export-PfxCertificate -FilePath $cert_file_pfx -Password $cert_cred.PasswordTo export the public key to a CRT and and a PEM file, run the following commands:
Code Block $cert_file = $cert_url.Split(".")[0] + "_" + (Get-Date -Format yyyyMMdd-HHmmss) $cert_file_crt = ((Get-Location).Path + "\" + $cert_file + ".crt") $cert_file_pem = ((Get-Location).Path + "\" + $cert_file + ".pem") $cert_obj = Get-ChildItem -Path "cert:\LocalMachine\My" | Where-Object {$_.Subject -match $cert_url} | Sort-Object NotBefore -Descending | Select-Object -First 1 $cert_obj | Export-Certificate -FilePath $cert_file_crt $cert_pem = [System.Convert]::ToBase64String((Get-Content -Path $cert_file_crt -Encoding Byte)) -replace '.{64}',"`$&`r`n" ("-----BEGIN CERTIFICATE-----", $cert_pem,"-----END CERTIFICATE-----") -join "`r`n" | Out-File -FilePath $cert_file_pem -Encoding ASCII -Force