Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/trympet/dns-certificate-creation-tool

Creates and signs x509 certificates based on A and CNAME-records in a DNS zone
https://github.com/trympet/dns-certificate-creation-tool

certificate-generation certificates dns dns-zone dns-zone-files openssl windows-dns x509

Last synced: 15 days ago
JSON representation

Creates and signs x509 certificates based on A and CNAME-records in a DNS zone

Awesome Lists containing this project

README 

        
# DNS-Certificate-Creation-Tool

This tool allows you to quickly create certificates for an entire DNS zone.   

The provided PowerShell automates the creation of zone files, and is intended for use with DNS Server for Windows Server 2016 or later.   



## Prerequisites

- Python 3   

- OpenSSL if using Linux or Mac. Windows binary included.



## Usage

```powershell

./Create-DNSCertificates.ps1

     [-ComputerName] 

     [-DNSZone] 

     [-IPAddresses] 

     [-Certificate] 

     [-PrivateKey] 

     [[-Credential] ]

     [[-Authentication] ]

     [-O] 

     [-L] 

     [-ST] 

     [-C] 

     [-E] 

```



If you are using DNS Server for Windows Server, everything should work out of the box, no modification needed.   

Example:

```powershell

./Create-DNSCertificates.ps1 -ComputerName dc-01.corp.contoso.com -DNSZone corp.contoso.com -IPAddresses 10.0.10.0/23 -Certificate contosocorp-ca.crt -PrivateKey contosocorp-ca.key -C US -ST WA -L Redmond -O Contoso

```

   

The certificate and OpenSSL artifacts are placed in the `./out` directory. 

   

You can also call the python script directly if you are not using Windows DNS Server.   

Example:

```bash

python3 create-certificates.py          

```