使用Windows PowerShell创建证书

Create Root Certificate 创建根证书

Secure Sockets Layer (SSL) is a cryptographic protocol that provides security and data integrity for data communications over a network. By encrypting your web store and ERP Web service with SSL, you make your data and your network more secure and more reliable.
安全套接字层 (SSL) 是一种加密协议,可为网络上的数据通信提供安全性和数据完整性。通过使用SSL加密您的网上商店和ERP Web服务,您可以使您的数据和网络更加安全可靠。

This guide covers creating your own Root Certificate, exporting the PFX certificate, and creating the certificate signed by your root certificate authority using Windows PowerShell. For more information, see New-SelfSignedCertificate.
本指南介绍如何创建自己的根证书、导出 PFX 证书以及使用 Windows PowerShell 创建由根证书颁发机构签名的证书。有关详细信息,请参阅新的自签名证书 。

A self-signed SSL certificate can be used to test your web store, but it shouldn't be used on the production environment. On the production environment, you must use a real SSL certificate to secure your web store. You can also use the self-signed SSL certificate to secure your ERP connection.
自签名 SSL 证书可用于测试您的网上商店,但不应在生产环境中使用。在生产环境中,您必须使用真正的SSL证书来保护Web商店。您还可以使用自签名 SSL 证书来保护您的 ERP 连接。

For more information, see Data Security.
有关详细信息,请参阅数据安全 。

Create Root Certificate 创建根证书

Step 1: Run Windows PowerShell as an administrator. Navigate to the folder where the certificate must be created.
第 1 步:以管理员身份运行 Windows PowerShell。导航到必须在其中创建证书的文件夹。

Step 2: Execute the following command, replacing the value of the DnsName parameter with something relevant to you, for example the name of your company.
第 2 步:执行以下命令,将 DnsName 参数的值替换为与您相关的内容,例如公司名称。

New-SelfSignedCertificate -CertStoreLocation "cert:\LocalMachine\My" -DnsName "Sana Commerce" -KeyusageProperty All -KeyUsage CertSign, CRLSign, DigitalSignature


Executing this command will add the self-signed SSL certificate to your local certificate store. You will also see the certificate thumbprint. You will need it to export the certificate.
执行此命令会将自签名 SSL 证书添加到本地证书存储中。您还将看到证书指纹。您将需要它来导出证书。

 

 

Step 3: Next, you need to populate a variable with a password, you'll use when exporting the certificate from the local certificate store. Execute the following command, replacing the value of the String parameter with the strong password.
第 3 步:接下来,您需要使用密码填充变量,您将在从本地证书存储中导出证书时使用。执行以下命令,将 String 参数的值替换为强密码。

$pwd = ConvertTo-SecureString -String "abcABC123!" -Force -AsPlainText


Step 4
: Export the certificate from the local certificate store by executing the command below. Replace the certificate thumbprint and specify the name of the certificate (*.pfx).

第 4 步:通过执行以下命令从本地证书存储中导出证书。替换证书指纹并指定证书的名称 (*.pfx)。

 

Export-PfxCertificate -Cert cert:\localMachine\my\AFA299CD881192D3F3FDE92BB463180C8540FC8A -FilePath sanaroot.pfx -Password $pwd

 

Now you can find the certificate (*.pfx) in the folder specified in the first step.
现在,您可以在第一步中指定的文件夹中找到证书 (*.pfx)。

Step 5: Import the created certificate to the Trusted Root Certification Authorities certificates.
第 5 步:将创建的证书导入受信任的根证书颁发机构证书。

 

posted @   阿杜桑  阅读(10)  评论(0编辑  收藏  举报
相关博文:
阅读排行:
· 微软正式发布.NET 10 Preview 1:开启下一代开发框架新篇章
· 没有源码,如何修改代码逻辑?
· DeepSeek R1 简明指南:架构、训练、本地部署及硬件要求
· NetPad:一个.NET开源、跨平台的C#编辑器
· PowerShell开发游戏 · 打蜜蜂
点击右上角即可分享
微信分享提示