Self Signed Cert (.pfx and .pem)
Script for creating a self-signed PKCS #12 / .pfx certificate along with its PEM for making cert/key files with e.g. notepad. Originally created for use with Sonarr, Radarr and NzbGet for simple SSL setup. Just run the cmd script as admin and follow its instructions.
[ psSelfSignedCertGen.zip ] (Includes openssl binary)
@ECHO OFF MODE CON CODEPAGE SELECT=1252 >nul 2>&1 COLOR 0B REM REM Run this script as administrator. Tested on Windows 10 64-bit. Some REM commands for automating export was not on the platform while testing, REM so that part has been made manual. Creates a PEM for splitting into REM cert/key files if needed, it's handy to have. I created this script REM for easy creation of Sonarr(.pfx), Radarr(.pfx) and NzgGet (cert/key) REM SSL setup. REM REM Sonarr: Just copy the generated .pfx file to client computers and REM manually import it into the ROOT CA via MMC and snap-in. REM REM Radarr: Use the same hash as Sonarr. Done. REM REM NzbGet: Split the PEM file cert/key parts into plain text files. Done. REM cd %~dp0 rmdir /S /Q out >nul 2>&1 mkdir out echo. set /p DOM_LIST=Enter comma-separated domain list: set /p PFX_NAME=Enter name of certificate: echo Generating a self signed certificate into your personal store. powershell.exe -noprofile -executionpolicy bypass -file psSelfGenPart.ps1 %DOM_LIST% echo. pause cls echo MANUAL ACTION REQUIRED (OS DEPENDENCIES): echo ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ echo 1. Run MMC, add snap-in local computer certificate stores. echo. echo 2. Right-click the newly created personal certificate and echo export it as a PKCS #12(.pfx) together with its own key echo as well as all its extended properties. echo. echo 3. Choose a password. echo. echo 4. Give it the name you defined: "out\%PFX_NAME%.pfx". echo. echo Continue when you're done... pause cls echo Generating a PEM file of the exported PFX file. echo You can create cert/key files from its clear text parts. openssl pkcs12 -in out\\%PFX_NAME%.pfx -out out\\%PFX_NAME%.pem -nodes >nul 2>&1 echo. echo DONE. pause
Its PowerShell component for generating the .pfx certificate
param($p1) $domains = $p1 -split ',' New-SelfSignedCertificate -DnsName $domains -CertStoreLocation cert:\LocalMachine\My -NotAfter 2050.1.1