Creating a Self-Signed Certificates for Secure Connections

Self-signed certificates can be used to secure web connections, encrypt data sent over the internet, and can be used to authenticate the identity of the server to the client. In this blog post, we will cover the basics of self-signed certificates, how to create them, and how to use them to secure your web connections.

Creating a Self-Signed Certificate

There are several ways to create a self-signed certificate, but in this blog post, we will cover two popular methods: using mkcert and using PowerShell in-built (New-SelfSignedCertificate) cmdlet.

Method 1: Using mkcert

mkcert is a simple command-line tool that can be used to create a self-signed certificate. To create a self-signed certificate using mkcert, you can use script at and can run on PowerShell.

Once you run the script it will first download the mkcert.exe if not exist, and using that will create the Self-Signed Certificate. 

Your directory will looks like below:

Method 2: Using PowerShell

Another way to create a self-signed certificate is by using PowerShell in-built 'New-SelfSignedCertificate' cmdlet. Here is an example of how to use this cmdlet to create a self-signed certificate:

Option 1: Creating a DNS based self-signed certificate

This command will create a self-signed certificate for the different hostnames and store it in the local certificate store.

Option 2: Creating a DNS + IP Address based self-signed certificate

This command will create a self-signed certificate for couple of domains and IP addresses and store it in the local certificate store.

If you want to have the Signer for the Self-Signed certificate then you can first generate the root  certificate and then pass that root certificate while creating the other Self-Signed certificate.

$rootCert = New-SelfSignedCertificate -Subject 'CN=TestRootCA,O=TestRootCA,OU=TestRootCA' -KeyExportPolicy Exportable -KeyUsage CertSign,CRLSign,DigitalSignature -KeyLength 2048 -KeyUsageProperty All -KeyAlgorithm 'RSA' -HashAlgorithm 'SHA256' -Provider 'Microsoft Enhanced RSA and AES Cryptographic Provider'

New-SelfSignedCertificate -Subject $certFriendlyName -FriendlyName $certFriendlyName -Signer $rootCert -TextExtension @("2.5.29.17={text}$ip&$dnsNames") -CertStoreLocation "cert:\LocalMachine\My" -KeyAlgorithm RSA -KeyLength 2048 -NotAfter (Get-Date).AddYears(10)

Note: Self-signed certificates are not trusted by default and will not be recognized by default trusted root CA, so it is important to inform users that they are visiting a self-signed certificate website.

Thanks for reading, CloudOps ⌂Signing Off! 😊

Building Visual Studio Solutions with MSBuild - Command Line

 MSBuild is a powerful build tool that is included with Visual Studio. It can be used to build Visual Studio solutions and projects from the command line or from scripts, making it easy to automate builds and deployments.

To build a Visual Studio solution using MSBuild, you can use the following command:

msbuild location: C:\Program Files\Microsoft Visual Studio\2022\Professional\MSBuild\Current\Bin\msbuild.exe

msbuild "D:\a\1\s\solution.sln" /t:Build /p:Configuration=Release /p:platform="any cpu"

You can also specify a specific project within the solution to build by using the /target parameter:

msbuild "D:\a\1\s\solution.sln" /t:Build /p:Configuration=Release /p:platform="any cpu" /target:cms.proj

To generate deployment artifacts for a web project using MSBuild, you can use the 'WebPublish' target. This will build the project and create the necessary files for deployment to a web server.

Here's an example of the command to generate deployment artifacts for a web project:

msbuild "D:\a\1\s\solution.sln" /t:WebPublish /p:Configuration=Release /p:platform="any cpu" /p:DeployOnBuild=true /p:WebPublishMethod=FileSystem /p:DeployDefaultTarget=WebPublish /p:DeleteExistingFiles=True /p:publishUrl="D:\a\1\s\outdir"

Alternatively, you can specify the OutDir property to specify the output directory for the build artifacts. This can be used in conjunction with the 'Build' target to generate the necessary files for deployment.

msbuild "D:\a\1\s\solution.sln" /t:Build /p:Configuration=Release /p:platform="any cpu" /p:DeployOnBuild=false /p:SkipInvalidConfigurations=true /p:OutDir="D:\a\1\s\outputdirectory"

You can also specify additional parameters, such as /p:UseWPP_CopyWebApplication=true /p:PipelineDependsOnBuild=false /p:VisualStudioVersion="15.0" /v:diag to customize the build process.

Alternatively, you can generate a deployment package by using the 'WebPublish' target with the 'Package' publish method:

msbuild "D:\a\1\s\solution.sln" /t:WebPublish /p:Configuration=Release /p:Platform="any cpu" /p:DeployOnBuild=true /p:WebPublishMethod=Package /p:PackageAsSingleFile=true /p:SkipInvalidConfigurations=true /p:PackageLocation="$(build.artifactstagingdirectory)\\website\\"

This will build the project and create a deployment package using the specified settings. The 'PackageAsSingleFile' parameter specifies that the package should be created as a single file, and the 'SkipInvalidConfigurations' parameter specifies that the build should continue even if there are invalid project configurations. The 'PackageLocation' parameter specifies the directory where the package should be created.

To enabled verbose logging add below parameter to command line:

/v:diag

Thanks for reading, CloudOps ⌂Signing Off! 😊

Azure Login 101: Command Line Options

There are a few different ways that you can log in to the Azure portal using the command line:

1. Install the Azure CLI or Azure PowerShell module on your local machine, if it is not already installed. 
2. Use the 'az login' command (for the Azure CLI) or the 'Connect-AzAccount' cmdlet (for the Azure PowerShell module) to log in to Azure.
3. Use the '--tenant' option (for the Azure CLI) or the '-TenantId' parameter (for the Azure PowerShell module) to specify the tenant (i.e., the Azure Active Directory) that you want to use.
4. Use the '--subscription' option (for the Azure CLI) or the '-SubscriptionId' parameter (for the Azure PowerShell module) to specify the subscription that you want to use.
5. Use the 'az account show' command (for the Azure CLI) or the 'Get-AzContext' cmdlet (for the Azure PowerShell module) to display the details of the currently selected tenant and subscription.

• Azure CLI: The Azure CLI is a cross-platform command-line interface that you can use to manage Azure resources. To log in to the Azure portal using Azure CLI, follow these steps:

# Install the Azure CLI (if it is not already installed)

Invoke-WebRequest -Uri https://aka.ms/installazurecliwindows -OutFile .\AzureCLI.msi; Start-Process msiexec.exe -Wait -ArgumentList '/I AzureCLI.msi /quiet'; rm .\AzureCLI.msi  

 # Log in to Azure and set the default tenant and subscription (replace <tenant-id> and <subscription-id> with the appropriate values)

az login --tenant <tenant-id>

          az account set --subscription <subscription-id>

# Display the details of the currently selected subscription

az account show

This script first installs the Azure CLI, then logs in to Azure and sets the default tenant and subscription using the az login command. It then displays the details of the currently selected subscription using the az account show command.

If you only use 'az login' command then use the 'az account set --tenant' and  'az account set --subscription' command to switch between the tenants and subscriptions.

 

• PowerShell: This is a command-line shell and scripting language that you can use to manage Azure resources. To log in to the Azure portal using the Azure PowerShell module on a Windows machine:, follow these steps:

# Install the Azure PowerShell module (if it is not already installed)

Install-Module -Name Azure -AllowClobber

# Log in to Azure and set the default tenant and subscription (replace <tenant-id> and <subscription-id> with the appropriate values)

Connect-AzAccount -Tenant <tenant-id> -SubscriptionId <subscription-id>

         Set-AzContext -Tenant <tenant-id> -SubscriptionId <subscription-id> 

# Display the details of the currently selected subscription

Get-AzContext

This script first installs the Azure PowerShell module, then logs in to Azure and sets the default tenant and subscription using the Connect-AzAccount cmdlet. It then displays the details of the currently selected subscription using the Get-AzContext cmdlet.

If you only use 'Connect-AzAccount' command then use the 'Connect-AzAccount -TenantId <tenant-id>' and  'Connect-AzAccount -SubscriptionId <subscription-id>' command to switch between the tenants and subscriptions.

 

• Azure Cloud Shell: This is a browser-based shell that you can use to manage Azure resources. To log in to the Azure portal using Azure Cloud Shell, follow these steps: 
• Go to the Azure portal in your web browser.
• Click the Cloud Shell icon in the top right-hand corner of the portal.
• Select Bash as the shell.
• Follow the prompts to sign in with your Azure account.

Here are some other common Azure CLI commands that you might find useful:

• 'az account list': List all subscriptions for the authenticated account.
• 'az account set --subscription SUBSCRIPTION_NAME': Set the default subscription.
• 'az resource list --resource-group RESOURCE_GROUP_NAME': List all resources in a resource group.
• 'az resource show --name RESOURCE_NAME --resource-group RESOURCE_GROUP_NAME --resource-type RESOURCE_TYPE': Show information about a specific resource.

Here are some other common Azure PowerShell commands that you might find useful:

• 'Get-AzSubscription': List all subscriptions for the authenticated account.
• 'Set-AzContext -Subscription SUBSCRIPTION_NAME': Set the default subscription.
• 'Get-AzResource -ResourceGroupName RESOURCE_GROUP_NAME': List all resources in a resource group.
• 'Get-AzResource -Name RESOURCE_NAME -ResourceGroupName RESOURCE_GROUP_NAME -ResourceType RESOURCE_TYPE': Show information about a specific resource.

Thanks for reading, CloudOps ⌂Signing Off! 😊