question

KenAnnable-8206 avatar image
0 Votes"
KenAnnable-8206 asked BobJohnson-6874 edited

How get your own SSL certificates to work with Windows Device Portal

100765-image.png


not-supported
image.png (153.5 KiB)
· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Here's the rest in another comment because of 1000 character limit:

     -CertStoreLocation Cert:\CurrentUser\My `
     -NotAfter (Get-Date).AddYears(3) `
     -KeyUsage ([Microsoft.CertificateServices.Commands.KeyUsage])::DigitalSignature `
     -KeyUsageProperty ([Microsoft.CertificateServices.Commands.KeyUsageProperty]::All) `
     -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2","2.5.29.19={critical}{text}ca=FALSE")

 $IssuedToClean = $IssuedTo.Replace(":", "-").Replace(" ", "_")
 $FileSpec = "<path goes here>" + $IssuedToClean + "_wdp.pfx"
 $certFile = Export-PfxCertificate -cert $cert -ChainOption EndEntityCertOnly -FilePath $FileSpec -Password (ConvertTo-SecureString -String $Password -Force -AsPlainText)

}

0 Votes 0 ·

Here's update script to make my certs attributes match those generated by WebManagement service.

$IssuedToList = "localhost","W10-02","::1","127.0.0.1","192.168.254.18","fe80::e048:dd41:b861:9505"
$Password = "LetMeIn"


$rootCA = Get-ChildItem -Path Cert:\CurrentUser\my\26ebffe81b6b46a0c6c8e9bcf98f33a5d5f85494
foreach($IssuedTo in $IssuedToList) {
$Subject = "CN=" + $IssuedTo
$cert = New-SelfSignedCertificate -Type ([Microsoft.CertificateServices.Commands.CertificateType]::SSLServerAuthentication)
-Subject $Subject -DnsName $IssuedTo
-FriendlyName ("WDP-" + $IssuedTo) -Signer $rootCA
-KeyAlgorithm 'RSA' -KeyExportPolicy ([Microsoft.CertificateServices.Commands.KeyExportPolicy]::Exportable)
-HashAlgorithm ([System.Security.Cryptography.HashAlgorithmName]::SHA512) `

0 Votes 0 ·

The certificates generated by this updated script did not resolve the issue - same issues as described in original post.

0 Votes 0 ·

0 Answers