# AzureStack Certification Authority certificate

Following script connects to [Privileged Endpoint](https://docs.microsoft.com/en-us/azure-stack/operator/azure-stack-privileged-endpoint?view=azs-2002) and generates the required AzureStackCertificationAuthority.cer file.

## HOST VM

On **AzS Development Kits**, sign in to the physical host. 

On **multi-node integrated systems**, the host must be a system that can access the privileged endpoint.

1. Place the VConnectMSM.zip file in a temp folder (c:\CloudAssert). Right click -> Properties -> Unblock -> Apply -> OK. If you don't have this installer please [**reach out to our team**](https://www.cloudassert.com/Product/Microsoft-Azure-Stack-Hub/Multi-Stamp-Management-Free-Trial) and we will provide you with latest installer and trial license. 
2. Extract the contents to the same folder (c:\CloudAssert)
3. Open a new elevated (administrative) PowerShell  console and change to the directory where the files have been extracted (c:\CloudAssert\VConnectMSM). Use a new window to avoid problems that might arise from incorrect Power Shellaz modules that are already loaded on the system.
4. Run GetAzureStackCertificationAuthority.ps1 and specify the required parameters

```
.\GetAzureStackCertificationAuthority -PrivilegedEndpoint "192.168.200.224"
```

| Parameter Name     | Description                   | Required |
| ------------------ | ----------------------------- | -------- |
| PrivilegedEndpoint | PrivilegedEndpoint IP Address | Required |

The script will prompt for PEP endpoint cloud admin credentials. Once provided, the script will create the AzureStackCertificationAuthority.cer file inside the **Cert** folder.