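<#
Scripted install for AutoCert to SG01.

Run this script on SG01 as a local administrator. It asks for confirmation,
downloads the AutoCert expiry-check script and a Scheduled Task definition
into c:\AutoCert, registers the task, starts it once, and removes the
downloaded task XML.

NOTE(review): the original header said the task authenticates as local admin,
but the schtasks call below registers it with /ru SYSTEM. Confirm which is
intended.

Security notes for whoever maintains this:
  * The downloaded task definition is registered to run as SYSTEM, so the two
    URLs below are effectively trusted to supply code for this server. HTTPS
    protects the transfer, not the content. Set the SHA-256 pins below once
    the publisher provides them.
  * Presumably the task runs the script stored in c:\AutoCert (the XML is not
    shown here). Confirm that only Administrators and SYSTEM can write to that
    directory; a folder created directly under the volume root normally
    inherits the root's permissions.
#>

# Force TLS 1.2 for the downloads from Azure.
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

$CurrentServer = $env:computername
Write-Host "Current computer name is $CurrentServer. This Certificate Package is meant for Secure Gateway (SG) servers ONLY. Would you like to proceed?"
$ReadHost = Read-Host "(y/n)"
$response = $false

# switch matches strings case-insensitively, so "y" and "Y" both continue.
switch ($ReadHost) {
    'Y' {
        Write-Host "You chose YES. Continuing with SG Certificate Replacement" -ForegroundColor White -BackgroundColor Green
        $response = $true
    }
    'N' {
        Write-Host "You chose NO. Exiting SG Certificate Replacement script without making configuration changes." -ForegroundColor White -BackgroundColor Red
        $response = $null
        pause
        break
    }
    Default {
        Write-Host "No option chosen for $CurrentServer. Exiting Script without making configuration changes." -ForegroundColor White -BackgroundColor Red
        $response = $null
        pause
        break
    }
}

if ($response) {
    # Variable assignment
    $SG_ExpiryCheck_URL = "https://npcurls.azurewebsites.net/Expiration-SG"
    $AutoCert_Task_URL  = "https://npcurls.azurewebsites.net/Install-Task"
    $AutoCert_Dir       = "c:\AutoCert"
    $ExpiryCheck_Path   = "c:\AutoCert\ExpiryCheck.ps1"
    $Task_XML_Path      = "c:\AutoCert\AutoCert.xml"
    $Task_Name          = "CertificateReplacement"
    # The original script unregistered this name (with a space) but created the
    # task without the space, so a re-run never removed the existing task.
    # Both names are cleaned up now.
    $Legacy_Task_Name   = "Certificate Replacement"

    # PLACEHOLDER pins: empty means "not verified" (original behaviour, plus a
    # warning). Fill in the publisher's SHA-256 values to enforce integrity.
    $ExpiryCheck_SHA256 = ''
    $Task_XML_SHA256    = ''

    $Downloads = @(
        @{ Uri = $AutoCert_Task_URL;  Path = $Task_XML_Path;    Sha256 = $Task_XML_SHA256 },
        @{ Uri = $SG_ExpiryCheck_URL; Path = $ExpiryCheck_Path; Sha256 = $ExpiryCheck_SHA256 }
    )

    try {
        # Install AutoCert
        if (!(Test-Path $AutoCert_Dir)) {
            New-Item -ItemType Directory -Path $AutoCert_Dir -ErrorAction Stop | Out-Null
        }

        foreach ($Item in $Downloads) {
            # Download to a staging name so a failed or rejected download never
            # replaces the file an already-registered task may be using.
            $Staged = "$($Item.Path).download"
            Invoke-WebRequest -Uri $Item.Uri -OutFile $Staged -ErrorAction Stop

            if ($Item.Sha256) {
                $Actual = (Get-FileHash -Path $Staged -Algorithm SHA256).Hash
                if ($Actual -ne $Item.Sha256) {
                    throw "SHA-256 mismatch for $($Item.Uri): expected $($Item.Sha256), got $Actual"
                }
            }
            else {
                Write-Warning "No SHA-256 pin configured for $($Item.Uri); downloaded content is not verified."
            }

            Move-Item -Path $Staged -Destination $Item.Path -Force -ErrorAction Stop
        }

        # A missing task is not an error here, hence SilentlyContinue.
        foreach ($Name in @($Legacy_Task_Name, $Task_Name)) {
            Unregister-ScheduledTask -TaskName $Name -Confirm:$false -ErrorAction SilentlyContinue
        }

        schtasks /create /xml $Task_XML_Path /tn $Task_Name /ru SYSTEM
        # schtasks is a native command: failure shows up in the exit code only.
        if ($LASTEXITCODE -ne 0) {
            throw "schtasks /create failed with exit code $LASTEXITCODE"
        }

        Start-ScheduledTask -TaskName $Task_Name -ErrorAction Stop
    }
    catch {
        Write-Host "AutoCert install failed: $($_.Exception.Message)" -ForegroundColor White -BackgroundColor Red
    }
    finally {
        # The task XML is only needed for registration; remove it and any
        # leftover staging files whether or not the install succeeded.
        Remove-Item -Path $Task_XML_Path, "$Task_XML_Path.download", "$ExpiryCheck_Path.download" -ErrorAction SilentlyContinue
    }
}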