If you’ve worked with Windows Azure you’ll know that a certificate is required to interface with Windows Azure from external tools such as PowerShell and Visual Studio. However management certificates are also required to interact with Windows Azure as well. For example, the solutions within System Center 2012 require a management certificate to manage or monitor Windows Azure resources.
I’ve lost count of how many times I’ve manually created a certificate to use with Windows Azure. So I decided to script as much of the process as possible.
- Windows Server 2012 R2
- Windows command prompt
- Windows 8.1 SDK – for makecert.exe (Visual Studio comes with makecert.exe as well) install.
Once makecert.exe is installed on the machine you will connect to Windows Azure with, open a command prompt. The command prompt may default to PowerShell, at the prompt type in “cmd” to access Windows Shell scripting console.
Copy and paste the following to your favorite text editor and save as a .cmd file (pick any file name you like).
echo This script will create an Azure certificate and export for use in Windows Azure.
echo Computer Name
echo creating folder: %SystemDrive%\certs
dir "C:\Program Files (x86)\Windows Kits\8.1\bin\x64" | findstr /i "makecert.exe"
IF ERRORLEVEL = 1 GOTO ERROR
IF ERRORLEVEL = 0 GOTO CreateCert
echo creating cert and placing it in %SystemDrive%\certs
"C:\Program Files (x86)\Windows Kits\8.1\bin\x64\makecert.exe" -r -pe -n CN=%computername%-AzureCert -ss my -sr localmachine -eku 22.214.171.124.126.96.36.199.2 -len 2048 -e 01/01/2016 %computername%-AzureCert.cer
echo makecert.exe file not found. Please check directory path above or download and install the Windows 8.1 SDK from http://www.microsoft.com/click/services/Redirect2.ashx?CR_EAC=300135395
Run the script from the cmd prompt:
Here is the cert in the \certs folder:
Open the MMC and add the Certificate add in for the local computer:
Now you’re ready to take the certificate and upload it to the Windows Azure services that request one.