/
xconnect-createcert.json
66 lines (66 loc) · 2.51 KB
/
xconnect-createcert.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
{
"Parameters": {
"CertificateName": {
"Type": "string",
"Description": "The name of the certificate to be created."
},
"CertPath": {
"Type": "string",
"Description": "The physical path on disk where certificates will be stored.",
"DefaultValue": "c:\\certificates"
},
"RootCertFileName": {
"Type": "string",
"Description": "The file name of the root certificate to be created.",
"DefaultValue": "SitecoreRootCert"
}
},
"Variables": {
// The name dns name of the root certificate.
"Root.Cert.DnsName": "[concat('DO_NOT_TRUST_', parameter('RootCertFileName'))]",
// The certificate store for the root certificate.
"Root.Cert.Store": "cert:\\LocalMachine\\Root",
// The certificate store for the client certificate.
"Client.Cert.Store": "cert:\\LocalMachine\\My"
},
"Tasks": {
"CreatePaths": {
// Create the physical disk path.
"Type": "EnsurePath",
"Params": {
"Exists": [
"[parameter('CertPath')]"
]
}
},
"CreateRootCert": {
// Create the root certificate.
"Type": "NewRootCertificate",
"Params": {
"Path": "[parameter('CertPath')]",
"Name": "[parameter('RootCertFileName')]",
"StoreLocation": "CurrentUser",
"DnsName": "[variable('Root.Cert.DnsName')]"
}
},
"ImportRootCertificate": {
// Import the root certificate.
"Type": "ImportCertificate",
"Params": {
"CertStoreLocation": "[variable('Root.Cert.Store')]",
"FilePath": "[concat(joinpath(parameter('CertPath'), parameter('RootCertFileName')), '.crt')]"
}
},
"CreateSignedCert": {
// Create a certificate signed by the root authority.
"Type": "NewSignedCertificate",
"Params": {
"Signer": "[GetCertificate(variable('Root.Cert.DnsName'), variable('Root.Cert.Store'))]",
"Path": "[parameter('CertPath')]",
"CertStoreLocation": "[variable('Client.Cert.Store')]",
"Name": "[parameter('CertificateName')]",
"DnsName": "[parameter('CertificateName')]"
}
}
}
}