コマンドで生成します。以下は、SQL Server 暗号化用の証明書を含むHub用の証明書になっています。
All in One
New-SelfSignedCertificate -Type SSLServerAuthentication -Subject "ホスト名\\SQLEXPRESS" `
-DnsName "ホスト名","authentication.local","hub.local","email.local","audit.local","file.local","notification.local","license.local","signalr.local","interact.local","iada.local","interactremoteapi.local","bpapi.local","bpdwapi.local",'localhost' `
-KeyAlgorithm "RSA" -KeyLength 2048 -HashAlgorithm "SHA256" -TextExtension "2.5.29.37={text}1.3.6.1.5.5.7.3.1" `
-NotAfter (Get-Date).AddMonths(36) -KeySpec KeyExchange -Provider "Microsoft RSA SChannel Cryptographic Provider" `
-CertStoreLocation "cert:\\LocalMachine\\My" -FriendlyName "TheOneCert"
BPJP062\SQLEXPRESS
New-SelfSignedCertificate -Type SSLServerAuthentication -Subject "WEB01\\SQLEXPRESS" `
-DnsName "WEB01",'localhost' `
-KeyAlgorithm "RSA" -KeyLength 2048 -HashAlgorithm "SHA256" -TextExtension "2.5.29.37={text}1.3.6.1.5.5.7.3.1" `
-NotAfter (Get-Date).AddMonths(36) -KeySpec KeyExchange -Provider "Microsoft RSA SChannel Cryptographic Provider" `
-CertStoreLocation "cert:\\LocalMachine\\My" -FriendlyName "sqlservercert"
自己証明書(例:authentication.local)
New-SelfSignedCertificate -CertStoreLocation Cert:\\LocalMachine\\My -DnsName "authentication.local" -FriendlyName "MySiteCertAuthentication" -NotAfter (Get-Date).AddYears(10)
| 製品 | DNS名 |
|---|---|
| Hub, Authentication Server | "hub.local","email.local","audit.local","file.local","notification.local","license.local","signalr.local" |
| Interact | "interact.local","iada.local","interactremoteapi.local" |
| Blue Prism API | "bpapi.local" |
| Blue Prism Desktop | “bpdwapi.local” |
| SQL Server | “ホスト名”,’localhost’ |
<aside> 💡 DNS名を複数記載する場合は、””(ダブルクォーテーション)で囲むこと。一つのホスト名と認識されてしまったことがあった。
</aside>
実行結果