Powershell executing makecert with variables givin

2019-09-01 11:45发布

问题:

The following command worked in powershell:

$currentDirectory = Split-Path $Script:MyInvocation.MyCommand.Path
& "$currentDirectory\Makecert\makecert.exe" –sv actualCnName.pvk -n "cn=actualCnName" actualCnName.cer -r -eku 1.3.6.1.5.5.7.3.1 

But I want to parameterize these and use the variable names $pvkName, $cnName and $cerName. The error when executing:

$cnName = "actualCnName"
$pvkName = $cnName + ".pvk"
$cerName = $cnName + ".cer"
$pfxName = $cnName + ".pfx"

& "$currentDirectory\Makecert\makecert.exe" –sv $pvkName -n "cn=$cnName" $cerName -r -eku 1.3.6.1.5.5.7.3.1

is

[DBG]: PS C:\WINDOWS\system32>> 
Error: Too many parameters
Usage: MakeCert [ basic|extended options] [outputCertificateFile]
Basic Options
 -sk  <keyName>      Subject's key container name; To be created if not present
 -pe                 Mark generated private key as exportable
 -ss  <store>        Subject's certificate store name that stores the output 
                     certificate
 -sr  <location>     Subject's certificate store location.
                        <CurrentUser|LocalMachine>.  Default to 'CurrentUser'
 -#   <number>       Serial Number from 1 to 2^31-1.  Default to be unique
 -$   <authority>    The signing authority of the certificate
                        <individual|commercial>
 -n   <X509name>     Certificate subject X500 name (eg: CN=Fred Dews)
 -?                  Return a list of basic options
 -!                  Return a list of extended options
[DBG]: PS C:\WINDOWS\system32>> 

Wondering how to get around this error.

回答1:

Here is an example of the way I use to call native exe with commented usage and parameters :

# Gen-CACert.ps1
clear-host

$scriptBlock = {.\Makecert -n `"CN=PowerShell Authorite de certification`"  <# Sujet du certificat (conforme à la norme X50 #>`
                           -a sha1                                          <# Algorithme utilisé #>`
                           -eku 1.3.6.1.5.5.7.3.3                           <# Option du certificat (signature de code) #>`
                           -r                                               <# Certificat auto signé #>`
                           <# -ss `"$($args[0])`"                              Dossier de stockage du certificat #>`
                           -ss `"root`"                                     <# Dossier de stockage du certificat #>`
                           -sr localMachine                                 <# Magasin de stockage localmachine ou currentuser (defaut) #>`
                           -sv `"$($args[0]).pvk`"                          <# Nom du fichier contenant la clef privée #>`
                           `"$($args[0]).cer`"}                             <# Nom du fichier certificat #>

$PoshCARoot = "PoshCARoot"
Invoke-Command -ScriptBlock $scriptBlock  -ArgumentList $PoshCARoot