Script para Auxiliar na VPN Point-to-Site e OpenVPN com o Azure

Buenas Pessoal!!

Realizei um script para auxiliar a configuração da VPN point-to-site e OpenVPN com o Azure em máquinas Windows. Este script gera de forma fácil e iterativa, os certificados e chave necessárias para o processo de configuração de ambos tipos de VPN.

VPN_Logo

Pré-requisitos:

OpenSSL (Você pode baixa-lo aqui https://www.openssl.org)
Powershell

#####################################
#Autor: Eduardo Kieling
#Blog: Https://eduardokieling.com
#Microsoft Azure MVP
#####################################
#>>>Create a certificate root and client + Key For PointTOSite VPN on Azure<<<
#####################################
#
#####################################
#GLOBAL VARIABLES
#####################################
$exportpath = "C:\" #File Path
$certname = Read-Host "Certificate Name"
$pass = Read-Host  "Certificate Password" -AsSecureString
#
#
#
#PS:Openssl requirement
#
#
#####################################
#LOCAL VARIABLES
$rootcertcn="CN="+$certname+"_ROOT"
$clientcertcn="CN="+$certname+"_CLIENT"
#CREATE ROOT CERTIFICATE
$certroot = New-SelfSignedCertificate -Type Custom -KeySpec Signature -Subject $rootcertcn -KeyExportPolicy Exportable -HashAlgorithm sha256 -KeyLength 2048 -CertStoreLocation "Cert:\CurrentUser\My" -KeyUsageProperty Sign -KeyUsage CertSign
#CREATE CLIENT CERTIFICATE
$certclient = New-SelfSignedCertificate -Type Custom -DnsName $clientcertcn -KeySpec Signature -Subject $clientcertcn -KeyExportPolicy Exportable -HashAlgorithm sha256 -KeyLength 2048 -CertStoreLocation "Cert:\CurrentUser\My" -Signer $certroot -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.2")
#EXPORT ROOT AND CLIENT CERTIFICATES
$certrootpfx = Export-PfxCertificate -Cert $certclient -FilePath $exportpath\VPN_CLIENT.pfx -ChainOption EndEntityCertOnly -NoProperties -Password $pass
Write-Host "                                                    " -ForegroundColor DarkRed -BackgroundColor White
Write-Host "     Write the same password you entered before     " -ForegroundColor DarkRed -BackgroundColor White
Write-Host "                                                    " -ForegroundColor DarkRed -BackgroundColor White
openssl pkcs12 -in $exportpath\VPN_CLIENT.pfx -nodes -out $exportpath\"VPN_CLIENT_KEY_"$certname".txt"
Remove-Item  $certrootpfx
$certroot64 = Export-Certificate -Cert $certroot -FilePath $exportpath\VPN_ROOT.cer -Type CER
certutil -encode $certroot64 $exportpath\"VPN_ROOT64_"$certname".cer"
Remove-Item  $certroot64
$certclient64 = Export-Certificate -Cert $certclient -FilePath $exportpath\VPN_CLIENT.cer -Type CER
certutil -encode $certclient64 $exportpath\"VPN_CLIENT64_"$certname".cer"
Remove-Item $certclient64

Link para download do script: https://github.com/eduardokieling/AzureVPN/blob/master/VPN_Point_TO_Site_FULL.ps1
Abraço
Eduardo Kieling

Deixe um comentário Cancelar resposta