Creating New Root and Issuing Certificate Authorities with PowerShell Core, Docker, and CFSSL

About a month ago, I wrote a post about using my MiniLab Module to easily deploy a new Root and Issuing Certificate Authority (CA) to a Windows Domain using Windows VMs. I was able to simplify things to the point where running one function would take care of everything for you. Unfortunately, even though actually using the function (Create-TwoTierPKI) took about 2 seconds, the operations the function handled (i.e. deploying and configuring Windows VMs to become the new Root and Issuing CAs) took about 3 hours – which is a really long time. So, I wanted to write a post about how to use PowerShell Core, Docker For Windows, and CloudFlare’s CFSSL to turn 3 hours into about 30 minutes (although, you have to do all of the steps yourself as opposed to running a function and doing something else for 3 hours).

New Post:

https://pldmgg.github.io/2018/07/10/CFSSL.html

Any and all feedback is welcome! I hope this brings to light some of the less traditional, but potentially more efficient things you can do when managing hybrid environments.

submitted by /u/fourierswager
[link] [comments]

Leave a Reply