Create a self-signed certificate for use with Windows Azure using a Windows script.
If you’ve worked with Windows Azure you’ll know that a certificate is required to interface with Windows Azure from external tools such as PowerShell and Visual Studio. Management certificates are also required by other software that interacts with Windows Azure. For example, the solutions within System Center 2012 require a management certificate to manage or monitor Windows Azure resources.
I’ve lost count of how many times I’ve manually created a certificate to use with Windows Azure. So I decided to script as much of the process as possible.
TECHNOLOGIES UTILIZED
- Windows Server 2012 R2
- Windows command prompt
- Windows 8.1 SDK installation, for makecert.exe (Visual Studio comes with makecert.exe as well)
THE PROCESS
Once makecert.exe is installed on the machine you will connect to Windows Azure from, open a command prompt. The prompt may default to PowerShell; if it does, type “cmd” to switch to the Windows command shell.
Copy and paste the following to your favorite text editor and save as a .cmd file (pick any file name you like).
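```bat
@echo off
rem Run from an elevated command prompt: makecert writes to the LocalMachine\My store.
set "MAKECERT=C:\Program Files (x86)\Windows Kits\8.1\bin\x64\makecert.exe"
echo This script will create an Azure certificate and export for use in Windows Azure.
echo.
echo Computer Name
echo %computername%
echo.
echo creating folder: %SystemDrive%\certs
if not exist "%SystemDrive%\certs" mkdir "%SystemDrive%\certs"
rem cd /d changes drive and directory together, whatever the starting directory was
cd /d "%SystemDrive%\certs"
echo.
rem Check that makecert.exe is present before trying to run it
echo Looking for %MAKECERT%
if not exist "%MAKECERT%" goto ERROR
echo.
:CreateCert
echo creating cert and placing it in %SystemDrive%\certs
echo.
rem -r self-signed; -pe marks the private key exportable; -ss my -sr localmachine = LocalMachine\My store
rem -eku 1.3.6.1.5.5.7.3.2 = Client Authentication; -len key length in bits
rem -e expiry date (mm/dd/yyyy), set it to a date in the future
"%MAKECERT%" -r -pe -n CN=%computername%-AzureCert -ss my -sr localmachine -eku 1.3.6.1.5.5.7.3.2 -len 2048 -e 01/01/2016 %computername%-AzureCert.cer
echo.
echo.
goto end
:ERROR
echo makecert.exe file not found. Please check directory path above or download and install the Windows 8.1 SDK from https://www.microsoft.com/click/services/Redirect2.ashx?CR_EAC=300135395
goto end
:end
```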
Run the script from the cmd prompt:
Here is the cert in the \certs folder:
Open the MMC and add the Certificates snap-in for the local computer:
Now you’re ready to take the certificate and upload it to the Windows Azure services that request one.
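Before uploading, the result can be checked from PowerShell instead of by eye in the MMC. The following is an added example, not part of the original script: it assumes the script's subject name and \certs folder, and the function name Test-AzureCert is made up for illustration. It confirms the key length, the Client Authentication EKU, the expiry date, and that the exported .cer carries no private key.

```powershell
# Added example (not the original author's script): checks the certificate
# created by the .cmd script above. Run from an elevated PowerShell prompt.
$name       = "$env:COMPUTERNAME-AzureCert"        # subject name used by the script
$cerPath    = Join-Path "$env:SystemDrive\certs" "$name.cer"
$clientAuth = '1.3.6.1.5.5.7.3.2'                  # OID passed to -eku

function Test-AzureCert {                          # hypothetical helper name
    param([string]$Subject, [string]$CerFile, [string]$RequiredEku, [int]$MinKeyBits = 2048)

    # Newest matching certificate in LocalMachine\My (-ss my -sr localmachine)
    $cert = Get-ChildItem Cert:\LocalMachine\My |
        Where-Object { $_.Subject -eq "CN=$Subject" } |
        Sort-Object NotBefore -Descending | Select-Object -First 1
    if (-not $cert) { throw "CN=$Subject not found in LocalMachine\My" }
    if (-not (Test-Path $CerFile)) { throw "$CerFile not found" }

    # Collect the EKU OIDs from the certificate's Enhanced Key Usage extension
    $ekuExt = $cert.Extensions | Where-Object {
        $_ -is [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension] }
    $ekus = @($ekuExt | ForEach-Object { $_.EnhancedKeyUsages } | ForEach-Object { $_.Value })

    # The exported .cer is the file that gets uploaded; it must hold the public key only
    $pub = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $CerFile

    [pscustomobject]@{
        Thumbprint         = $cert.Thumbprint
        NotAfter           = $cert.NotAfter
        Expired            = $cert.NotAfter -lt (Get-Date)
        KeyBits            = $cert.PublicKey.Key.KeySize
        KeyLongEnough      = $cert.PublicKey.Key.KeySize -ge $MinKeyBits
        HasClientAuthEku   = $ekus -contains $RequiredEku
        StoreHasPrivateKey = $cert.HasPrivateKey
        CerHasPrivateKey   = $pub.HasPrivateKey
        CerMatchesStore    = $pub.Thumbprint -eq $cert.Thumbprint
    }
}

Test-AzureCert -Subject $name -CerFile $cerPath -RequiredEku $clientAuth | Format-List
```

A good result shows Expired and CerHasPrivateKey as False and the other checks as True. Because the script passes -pe, the private key in the store is exportable, so restrict who can administer that machine.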