How to Create and Serialize a New Self-Signed Certificate

Applies To: System Center Configuration Manager 2007, System Center Configuration Manager 2007 R2, System Center Configuration Manager 2007 R3, System Center Configuration Manager 2007 SP1, System Center Configuration Manager 2007 SP2

In Microsoft System Center Configuration Manager 2007, you create a new self-signed certificate by calling the IPxeAuthClass::CreateIdentity method of the PxeAuthClass Client COM Automation Class.

CreateIdentity has the following parameters:

Parameter       Description
FriendlyName    The friendly name of the PXE certificate.
SubjectName     The name of the certificate subject.
SMSID           The PXE certificate identifier.
StartTime       The time when the certificate becomes valid.
EndTime         The time when the validity of the certificate ends.

CreateIdentity returns an array containing the following:

Element    Description
0          The hexadecimal-encoded private key for the PFX file that contains the certificate.
1          The hexadecimal-encoded certificate.

After you obtain the array, you can use it to submit a registration record by using the SMS_Site class SubmitRegistrationRecord method.

To serialize a certificate from a PFX file

  1. Create an instance of the PXEAuth class.

  2. Call the ReadIdentity method.

Example

The following example creates a new certificate. The certificate is valid for one year from today's date.

For information about calling the sample code, see How to Call Configuration Manager COM Automation Objects.

Sub CreateCertificate (subjectName, friendlyName, smsId)

    Dim pxeauth
    Set pxeauth = CreateObject("Microsoft.ConfigMgr.PXEAuth")

    ' Create a new self-signed certificate, valid for 365 days from now, and serialize it.
    ' ident(0): hexadecimal-encoded private key for the PFX file that contains the certificate.
    ' ident(1): hexadecimal-encoded certificate.
    Dim ident
    ident = pxeauth.CreateIdentity(subjectName, friendlyName, smsId, Now, Now + 365)
    WScript.Echo "certificatePFX = " & ident(0)
    WScript.Echo "certificate    = " & ident(1)

End Sub

The example method has the following parameters:

Parameter       Type                                  Description
subjectName     Managed: String; VBScript: String     The subject name of the PXE certificate.
friendlyName    Managed: String; VBScript: String     The friendly name of the PXE certificate.
smsId           Managed: String; VBScript: String     The PXE certificate identifier.
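
The following PowerShell is an added example, not part of the original page or of Configuration Manager's sample code. It checks the certificate element (index 1) of the array that CreateIdentity returns against the subject and validity window that were requested, before the array is used for a registration record. The function names, the one-day tolerance, and the assumption that element 1 is a DER-encoded certificate in plain hexadecimal are this example's own; a throwaway certificate built with .NET's CertificateRequest (Windows PowerShell 5.1 with .NET Framework 4.7.2 or later, or PowerShell 7) stands in for real output.

```powershell
# Added example (not from the original page). Assumption: element 1 of the
# CreateIdentity result is the DER-encoded certificate as a plain hex string.
function ConvertFrom-HexString {
    param([Parameter(Mandatory)][string]$Hex)
    $clean = $Hex.Trim()
    if (($clean.Length % 2) -ne 0 -or $clean -notmatch '^[0-9A-Fa-f]+$') {
        throw 'Input is not an even-length hexadecimal string.'
    }
    $bytes = New-Object byte[] ($clean.Length / 2)
    for ($i = 0; $i -lt $bytes.Length; $i++) {
        $bytes[$i] = [Convert]::ToByte($clean.Substring($i * 2, 2), 16)
    }
    , $bytes   # leading comma returns the array as one object
}

function Test-PxeCertificate {
    param(
        [Parameter(Mandatory)][string]$CertificateHex,
        [Parameter(Mandatory)][string]$SubjectName,
        [Parameter(Mandatory)][datetime]$StartTime,
        [Parameter(Mandatory)][datetime]$EndTime,
        [timespan]$Tolerance = (New-TimeSpan -Days 1)   # hypothetical default
    )
    $raw  = ConvertFrom-HexString $CertificateHex
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList (, $raw)
    $problems = @()
    $names = @($cert.Subject, $cert.GetNameInfo('SimpleName', $false))
    if ($names -notcontains $SubjectName) { $problems += "unexpected subject: $($cert.Subject)" }
    if ($cert.Subject -ne $cert.Issuer)   { $problems += 'issuer differs from subject (not self-signed)' }
    if ($cert.NotBefore -lt ($StartTime - $Tolerance)) { $problems += 'valid earlier than requested' }
    if ($cert.NotAfter  -gt ($EndTime + $Tolerance))   { $problems += 'valid later than requested' }
    [pscustomobject]@{
        Subject = $cert.Subject; NotBefore = $cert.NotBefore; NotAfter = $cert.NotAfter
        Thumbprint = $cert.Thumbprint; Problems = $problems
    }
}

# Constructed sample input: a throwaway self-signed certificate stands in for ident(1).
$start  = Get-Date
$end    = $start.AddDays(365)
$rsa    = [System.Security.Cryptography.RSA]::Create(2048)
$req    = [System.Security.Cryptography.X509Certificates.CertificateRequest]::new(
            'CN=PXE-Sample', $rsa,
            [System.Security.Cryptography.HashAlgorithmName]::SHA256,
            [System.Security.Cryptography.RSASignaturePadding]::Pkcs1)
$sample = $req.CreateSelfSigned([DateTimeOffset]$start, [DateTimeOffset]$end)
$hex    = [BitConverter]::ToString($sample.RawData) -replace '-', ''

Test-PxeCertificate -CertificateHex $hex -SubjectName 'PXE-Sample' -StartTime $start -EndTime $end
```

With real output, pass ident(1) from the VBScript example as -CertificateHex; element 0 is not needed for this check, so the private key value never has to be echoed or logged.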

Compiling the Code

To use PXEAuthClass with C# you will need the following:

Namespaces

System

System.Collections.Generic

System.Text

System.Threading

TsMediaLib

Assembly

You will need to use COM interop to access the TSMediaClass object. The COM object you add a reference to is TSMedia 1.0 Type Library.

To declare the object in your code, use PxeAuthClassClass.

Robust Programming

For more information about error handling, see About Configuration Manager Errors.

Security

For more information about securing Configuration Manager applications, see About Securing Configuration Manager Applications.

See Also

Concepts

About Operating System Deployment Media Management
How to Create Capture Media
How to Create Boot Media
How to Create Stand-Alone Operating System Media
How to Serialize a Certificate from a PFX File