zmeier/Backup
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
90667af3ab33e90e6acaea4b3e68550b3dfd159b
Backup/_NDGOV_WindowsTeam/ITD.Infra-Certificate-External.Sectigo/README.md
T
Zack Meier 1d304511b8 update
2026-04-15 15:45:50 -05:00

122 lines
2.9 KiB
Markdown
Raw Blame History

# ITD.Infra-Certificate-Internal.Sectigo
### Written by: Freeman Peterson fjpeterson@nd.gov
# Description
This module is used to interact Sectigo API
## Prerequisites
None
# Api Documentation
https://www.sectigo.com/knowledge-base/detail/Sectigo-Certificate-Manager-SCM-REST-API/kA01N000000XDkE
# Git repo
https://dev.azure.com/ndgov/NDIT-WindowsServerTeam/_git/ITD.Infra-Certificate-Internal.Sectigo
# Install
### Add Gallary
```
Register-PSRepository -Name ITD_PwshGallery `
-SourceLocation "https://powershell.nd.gov/ITD_PwshGallery/nuget/" `
-PublishLocation "https://powershell.nd.gov/ITD_PwshGallery/nuget/" `
-InstallationPolicy Trusted
```
### Install Module
```
Find-Module -Repository ITD_PwshGallery -Name ITD.Infra-Certificate-Internal.Sectigo|Install-Module -Scope CurrentUser
```
### Validate Module installed
```
Get-Command -Module ITD.Infra-Certificate-Internal.Sectigo
```
### Update Module
```
Find-Module -Repository ITD_PwshGallery -Name ITD.Infra-Certificate-Internal.Sectigo|Update-Module
```
# Examples and Information
### Obtaining CSR From File
```
$csr = (Get-Content -Path "c:\temp\hostname.csr" -Raw)
```
### Get Token Prompt for Creds
```
$env:Sectigoclientid='b16d95fd-405f-4d41-a748-c1035916a359'
$env:SectigoclientSecret=redacted
Get-SectigoApiToken
```
### Test Cert Request
```
Test-SectigoCertificateRequest -FilePath $csrpath
```
### Enroll the CSR
```
$certRequest = Enroll-SectigoCertificateRequest -Csr $csr -dcvEmail 'youremail@nd.gov" #-Comment "app123"
```
### Get Cert Status
```
Get-SectigoCertificate -Orderid $certRequest.sslid
```
### Wait for approval
```
while ($certstatus -ne "Issued") {
$certstatus=(Get-SectigoCertificate -OrderId $certRequest.sslid).status
Sleep 1
}
```
### Download Cert
```
$CertPath = (Download-SectigoCertificate -Orderid $certRequest.sslid -Format "pem").FullName
```
Default Format: Pem
'x509' - for Certificate (w/ chain) PEM encoded
'x509CO' - for Certificate only, PEM encoded
'base64' - for PKCS#7, PEM encoded
'bin' - for PKCS#7, 'x509IO' - for Root/Intermediate(s) only, PEM encoded
'x509IOR' - for Intermediate(s)/Root only, PEM encoded
'pem' - for Certificate (w/ chain), PEM encoded
'pemco' - for Certificate only, PEM encoded
'pemia' - for Certificate (w/ issuer after), PEM encoded
'x509R' - for Certificate (w/ chain), PEM encoded
base64
### Add it to a cert store
As administrator:
```
Import-Certificate -FilePath "C:\Certs\cert_OrderNumber.pem" -CertStoreLocation Cert:\LocalMachine\My
```
# Other functions
### Revoke
```
Revoke-SectigoCertificate -reasonCode 4 -reason "Just a test" -Orderid 11012388
```
No results will be given back to you.
*If you revoke a cert you will no longer see them in Get-SectigoCertificate
Reason code (unspecified (0), keyCompromise (1), affiliationChanged (3), superseded (4), cessationOfOperation (5))
### Org Lookup
```
Get-SectigoOrg
```
### Certificate Types
```
Get-SectigoCertificateTypes
```
Reference in New Issue View Git Blame Copy Permalink