CreateCertificate
Creates a public key (.cer file), a private key (.pfx) file, and a Base64 encoded private key to use to authenticate the EWS Extension Online Powershell v2 integration.
powershell · Microsoft Exchange Online
Source
Import-Module SelfSignedCertificate function CreateCertificate { [CmdletBinding()] Param( [Parameter(Mandatory)] [String]$OutputPath, [Parameter(Mandatory)] [SecureString]$Password, [Parameter(Mandatory)] [int]$Days, [String]$FriendlyName, [String]$Country, [String]$StateOrProvince ) $cmd_args = @{ "OutCertPath" = $OutputPath "NotAfter" = (Get-Date).AddDays($Days) "Password" = $Password } if (![string]::IsNullOrEmpty($FriendlyName)){ $cmd_args.FriendlyName = $FriendlyName } if (![string]::IsNullOrEmpty($Country)){ $cmd_args.Country = $Country } if (![string]::IsNullOrEmpty($StateOrProvince)){ $cmd_args.StateOrProvince = $StateOrProvince } New-SelfSignedCertificate @cmd_args -WarningAction:SilentlyContinue > $null } function Main() { [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingConvertToSecureStringWithPlainText', '')] param() $pfx_path = "certificate.pfx" $b64_path = "certificateBase64.txt" $public_key_cert_path = "publickey.cer" $dargs = $demisto.Args() $plain_pass = $dargs.password $password = (ConvertTo-SecureString -String $plain_pass -AsPlainText -Force) try { CreateCertificate -OutputPath $pfx_path -Password $password -Days $dargs.days -FriendlyName $dargs.friendly_name -Country $dargs.country -StateOrProvince $dargs.state_or_province openssl pkcs12 -in $pfx_path -out $public_key_cert_path -nokeys -clcerts -password pass:$plain_pass | Out-Null $File = [System.IO.File]::ReadAllBytes($pfx_path); # returns the base64 string $base_64_encoded = [System.Convert]::ToBase64String($File); $unique = $demisto.UniqueFile() $b64_temp_path = $demisto.Investigation().id + "_" + $unique [System.IO.File]::WriteAllText($b64_temp_path, $base_64_encoded) $demisto.Results( @{ "Contents" = '' "ContentsFormat" = [EntryFormats]::text.ToString() "Type" = 3 "File" = $b64_path "FileID" = $unique } ) $unique = $demisto.UniqueFile() $public_key_content = [System.IO.File]::ReadAllText($public_key_cert_path) $public_key_temp_path = $demisto.Investigation().id + "_" + $unique [System.IO.File]::WriteAllText($public_key_temp_path, $public_key_content) $demisto.Results( @{ "Contents" = '' "ContentsFormat" = [EntryFormats]::text.ToString() "Type" = 3 "File" = $public_key_cert_path "FileID" = $unique } ) $pfx_content = [System.IO.File]::ReadAllBytes($pfx_path) $unique = $demisto.UniqueFile() $pfx_content_temp_path = $demisto.Investigation().id + "_" + $unique [System.IO.File]::WriteAllBytes($pfx_content_temp_path, $pfx_content) $demisto.Results( @{ "Contents" = '' "ContentsFormat" = [EntryFormats]::text.ToString() "Type" = 3 "File" = $pfx_path "FileID" = $unique } ) $context = @{ "Certificate" = @{ "PrivateKey" = $pfx_path "PublicKey" = $public_key_cert_path "PrivateKeyBase64" = $b64_path } } $readable_output = TableToMarkdown $context.Certificate "Use those certificates to connect to the desired service." ReturnOutputs $readable_output $context $null | Out-Null } finally { Remove-Item -Path $pfx_path, $public_key_cert_path | Out-Null } } if ($MyInvocation.ScriptName -notlike "*.tests.ps1" -AND -NOT$Test) { Main }
README
Creates a public key (.cer file), a private key (.pfx) file, and a Base64 encoded private key to use to authenticate the EWS Extension Online Powershell v2 integration.
Script Data
| Name | Description |
|---|---|
| Script Type | powershell |
| Tags | basescript |
| Cortex XSOAR Version | 5.5.0 |
Inputs
| Argument Name | Description |
|---|---|
| password | Password to protect the certificate. |
| days | Number of days the certificate is available. Default is “365”. |
| friendly_name | A friendly name to identify the certificate. |
| country | Country of the certificate issuer. |
| state_or_province | State or province of the certificate issuer. |
Outputs
| Path | Description | Type |
|---|---|---|
| Certificate.PublicKey | The .cer file to add to the Azure app. | String |
| Certificate.PrivateKey | The binary certificate (.pfx file). | String |
| Certificate.PrivateKeyBase64 | The private key encoded in Base64 to use in the integration parameter. | String |
Script Example
!CreateCertificate days=365 password=<Will-Prompt-After-Enter> country=FR friendly_name=MyCertificate
Context Example
{
"Certificate": {
"PrivateKey": "certificate.pfx",
"PrivateKeyBase64": "certificateBase64.txt",
"PublicKey": "publickey.cer"
},
"File": [
{
"EntryID": "K6Zy2whBuhc4TbrFaaiUWZ@0c2becbb-2877-4639-8800-18214f49dc70",
"Extension": "txt",
"Info": "text/plain; charset=utf-8",
"MD5": "fe0e481ba31a93b57e43b08f4088a1ac",
"Name": "certificateBase64.txt",
"SHA1": "a185361c8f9d673ccf72ff5acc34a3dfd24e6c2a",
"SHA256": "95b9692a564ed182b9781cda54a1f199d422b5ec50dcd3c111f7d386b43e2e59",
"SHA512": "eebc842f1d2892630a5d6eb2379c931083e9870f4287ac2948b209d72cdaf146cc2746c00ddf3724538e480b9163fd53121d30682549bab1749ab543233db8b5",
"SSDeep": "48:PqtPLOoLAMsR6bOXq/bmuX6lwlHcmHDqCB8+tnUTkufasf/rh/YjQXfNoQt:eKvnYiXq/6uKlwlHcmjSkufaGrhgj+t",
"Size": 3136,
"Type": "ASCII text, with very long lines, with no line terminators"
},
{
"EntryID": "BVtgGDapVEboRutfPqhsym@0c2becbb-2877-4639-8800-18214f49dc70",
"Extension": "cer",
"Info": "application/pkix-cert",
"MD5": "585f0480395a1076221d2e393ae7c37b",
"Name": "publickey.cer",
"SHA1": "b8608947e9a7f7bcaec45addac684500b65b5eca",
"SHA256": "84ee1293ad9ab145cf496d099f3d17b136fd7c12456518378e1df6e2aef1401d",
"SHA512": "841cc16a7f123918eb05e91ff18dd929fd24192361432a18226494552a6db602974ae6308a512ac65bbe48c890f6abbfc86c549e2791618cb65181db77f9d089",
"SSDeep": "24:Ac7TN9WuxvhE/uj87VBdJTOvYwcR36USpNCFRfnZZ2dlH2t+vhmKJ:Ac7TzvhwuChJFrPSpMFRPY2tMwq",
"Size": 1185,
"Type": "ASCII text"
},
{
"EntryID": "nxkeXYpyYK2u9yaFnDqrC9@0c2becbb-2877-4639-8800-18214f49dc70",
"Extension": "pfx",
"Info": "application/x-pkcs12",
"MD5": "9644a72c118cff903e84b0cfd012af7b",
"Name": "certificate.pfx",
"SHA1": "9c2824df7b04a2c0248c5d318765cbf22d1253bd",
"SHA256": "216d298a386f32965dd0cdeddb83665a406c410618697559df8ca16fe7517c1d",
"SHA512": "7083fbb871f4bb214cc229f6b85979605ce2e953e0950671e03fdb9650aedb21664ce77a5a87a811f0fbcdde82732ec828d7677cf1bd1709b59419d99b46992c",
"SSDeep": "48:hvP1He7U8nult99tThzHBwClBZI86sJvvNvsN53zdCL:hX1HegkY9DL3hIGJvFvsr3BW",
"Size": 2351,
"Type": "data"
}
]
}
Human Readable Output
Use those certificates to connect to the desired service
PrivateKey PrivateKeyBase64 PublicKey “certificate.pfx” “certificateBase64.txt” “publickey.cer”