{"id":850,"date":"2022-10-27T08:40:41","date_gmt":"2022-10-27T13:40:41","guid":{"rendered":"https:\/\/cloudlearning365.com\/?p=850"},"modified":"2022-12-02T16:36:38","modified_gmt":"2022-12-02T21:36:38","slug":"get-a-free-public-ssl-certificate-for-testing-environment-using-posh-acme","status":"publish","type":"post","link":"https:\/\/cloudlearning365.com\/?p=850","title":{"rendered":"Get a free public SSL certificate for testing environment using Posh-ACME"},"content":{"rendered":"\n<p>In my previous blog post: <a href=\"https:\/\/cloudlearning365.com\/?p=139\">Add SSL Certificate to Aviatrix Controller<\/a>, we went through how to obtain a free public SSL certificate using <em><a href=\"https:\/\/zerossl.com\/\">ZeroSSL<\/a><\/em>. It got great interface and you can get up to three 90 days certificate for free, but have following drawbacks:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>If you have two expired certificate, it counts as part of total three free 90 days certificate, and now you can only get one more.<\/li>\n\n\n\n<li>It does take a bit tickling to get a full chain certificate using commands.<\/li>\n<\/ul>\n\n\n\n<p>Then I was introduced <a href=\"https:\/\/poshac.me\/\">Posh-ACME<\/a>, a PowerShell module to request and obtain free SSL certificates, let&#8217;s take a look how it works.<\/p>\n\n\n\n<!--more-->\n\n\n\n<p>Pre-requisites: <\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>You own public DNS name and have ability to make DNS changes<\/li>\n\n\n\n<li>PowerShell installed. I personally recommend <a href=\"https:\/\/learn.microsoft.com\/en-us\/powershell\/scripting\/install\/installing-powershell\">PowerShell Core<\/a>, as it&#8217;s cross platform and Microsoft is actively developing on it. Follow the <a href=\"https:\/\/learn.microsoft.com\/en-us\/powershell\/scripting\/install\/installing-powershell\">link <\/a>for installation instruction.<\/li>\n\n\n\n<li><a href=\"https:\/\/poshac.me\/\">Posh-ACME<\/a> module installed in PowerShell. Follow the <a href=\"https:\/\/poshac.me\/docs\/v4\/#installation-stable\">link <\/a>for installation instruction. Note the warning for PowerShell 5.1 or earlier.<\/li>\n<\/ul>\n\n\n\n<p>To Request a certificate:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>New-PACertificate &lt;full.domain.name&gt; -AcceptTOS<\/code><\/pre>\n\n\n\n<p>Once you issued the command, it will ask you to create an TXT record in your DNS domain: _acme-challenge.&lt;full.domain.name&gt;<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"204\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-133-1024x204.png\" alt=\"\" class=\"wp-image-851\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-133-1024x204.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-133-300x60.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-133-768x153.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-133-500x100.png 500w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-133.png 1295w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>Example of the TXT record created in my DNS server<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"313\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-134-1024x313.png\" alt=\"\" class=\"wp-image-852\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-134-1024x313.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-134-300x92.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-134-768x235.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-134-1536x470.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-134-500x153.png 500w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-134.png 1583w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><strong>Note<\/strong>: After the TXT record has been created, I would wait for half an hour to make sure it&#8217;s fully replicated before go back to the command to press any key to continue, or you may have to do it over again.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"325\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-135-1024x325.png\" alt=\"\" class=\"wp-image-853\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-135-1024x325.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-135-300x95.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-135-768x244.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-135-1536x487.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-135-500x159.png 500w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-135.png 1715w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>After you pressed any key, it could take a while, then you can see an certificate been issued with the full.domain.name you requested as the subject. <strong>Also it will recommend you to remove the TXT record.<\/strong><\/p>\n\n\n\n<p>To view the issued certificates, run<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>Get-PACertificate | fl<\/code><\/pre>\n\n\n\n<p>You can see it will tell you the path where the certificates are stored. Also have different type of certificates prepared for you already.<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"276\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-136-1024x276.png\" alt=\"\" class=\"wp-image-854\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-136-1024x276.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-136-300x81.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-136-768x207.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-136-1536x414.png 1536w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-136-500x135.png 500w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-136.png 1675w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"509\" src=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-137-1024x509.png\" alt=\"\" class=\"wp-image-855\" srcset=\"https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-137-1024x509.png 1024w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-137-300x149.png 300w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-137-768x382.png 768w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-137-500x249.png 500w, https:\/\/cloudlearning365.com\/wp-content\/uploads\/2022\/10\/image-137.png 1168w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p>You can simply start to use the certificates based on the requirements:<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>cert.cer (Base64 encoded PEM certificate)\ncert.key (Base64 encoded PEM private key)\ncert.pfx (PKCS12 container with cert+key)\nchain.cer (Base64 encoded PEM with the issuing CA chain)\nchainX.cer (Base64 encoded PEM with alternate issuing CA chains)\nfullchain.cer (Base64 encoded PEM with cert+chain)\nfullchain.pfx (PKCS12 container with cert+key+chain)<\/code><\/pre>\n\n\n\n<p>Note: the .pfx file password is: <code>poshacme<\/code><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In my previous blog post: Add SSL Certificate to Aviatrix Controller, we went through how to obtain a free public SSL certificate using ZeroSSL. It got great interface and you can get up to three 90 days certificate for free, &hellip; <a href=\"https:\/\/cloudlearning365.com\/?p=850\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-850","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/posts\/850","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=850"}],"version-history":[{"count":5,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/posts\/850\/revisions"}],"predecessor-version":[{"id":1095,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=\/wp\/v2\/posts\/850\/revisions\/1095"}],"wp:attachment":[{"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=850"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=850"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cloudlearning365.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=850"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}