Hello Free Wild SSL PS1 ver 1 utility for Lets Encrypt SSL

<!-- PS1

#########################################################################
#                                                                       #
#  Hello-Free-Wild-SSL.PS1, ver 1.0.0, a utility for Let's Encrypt SSL  #
#                                                                       #
#########################################################################

# script scope consts:
$ZGU        = "  \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/  ";
$ZGD        = "  /\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\  ";
$BAR        = "                                                                              ";
$ABR        = "                     ~ Press Ctrl + C to abort anytime ~";
$NL         = "`n";
$RT         = "`r`n";
$SHW        =  120;
$PRO        =  60;
$AUT        =  3000;
$MsgConnec  = "Kindly, check your internet connection.";
$MsgOptIn   = "Firstly, save a User to current running script using option 1.";
$MsgConfirm = "Type C to confirm or any to exit...";
$MsgCheck   = "Check your internet connection, restart prompt, and rerun this script.";
$MsgSkipErr = "Type S to skip error or any to exit...";

$MODESTAGE  = "Stage(Test)";
$MODEPROD   = "Production(Live)";
$SSLPKSAME  = "Same Wild SSL Private Key/PFX";
$SSLPKNEW   = "New Wild SSL Private Key/PFX";

# script scope vars named after function & thread/task number:
$script:GetStatus                 = $false;
$script:StartOver                 = $false;
$script:GetInput                  = $false;
$script:GoNext0                   = $false;
$script:GoNext1                   = $false;
$script:OptionsMenu               = $false;
$script:NewSetUser                = $false;
$script:NewRenewWildSSLforTheUser = $false;
$script:RefreshDisplayAll         = $false;
$script:VisitCurrentUserDomain    = $false;
$script:Legal                     = $false;
$script:ScriptCycle               = $false;

$script:connec  = $false;
$script:status  = " << Status >> $NL << Inputs >> ";
$script:server  = "LE_STAGE";
$script:mode    = $MODESTAGE;
$script:sslpkey = $SSLPKSAME;
$script:email   = "any-email-user-from-any-provider@example.com";
$script:domain  = "example.com";
$script:alnams  = ("example.com", "*.example.com");
$script:step    = 1;

#######################################################################
function SetPoshACME
{
    try
    {
        # Set Execution Policy
        Set-ExecutionPolicy RemoteSigned -Scope CurrentUser -Force -WarningAction SilentlyContinue -ErrorAction Stop;
    }
    catch{ return -1; }

try
    {
        # Reload module
        Import-Module Posh-ACME -Force -WarningAction SilentlyContinue -ErrorAction Stop;
    }
    catch{ return -2; }
 
    # wait...
    sleep -Milliseconds $PRO;

return 1;
}

#######################################################################
function GetPoshACME
{
    try
    {
        # Install module
        Install-Module "Posh-ACME" -Scope CurrentUser -Force -AllowClobber -SkipPublisherCheck -WarningAction SilentlyContinue -ErrorAction Stop;
        Write-Host $RT;
        Write-Host $RT;
        Write-Host $RT;
    }
    catch{ return $false; }

# wait...
    sleep -Milliseconds $PRO;

return $true;
}

#######################################################################
function GetStatus
{
    # locking <>
    if($script:GetStatus -eq $true){ return; }
    $script:GetStatus = $true;

# Connection & all check
    try
    {
        $status = Get-Date -WarningAction SilentlyContinue -ErrorAction Stop;
        $status = " << Status >> $NL Last Checked: $status, Internet: ";
        if((Test-Connection "1.1.1.1" -Quiet -Delay 1 -Count 1 -WarningAction SilentlyContinue -ErrorAction Stop) -ieq $true)
        { $script:connec = $true; $status += "Connected.$NL" } else { $script:connec = $false; $status += "Disconnected.$NL" }
        $status += "$NL << Inputs >> $NL Mode: $script:mode, Key: $script:sslpkey. $NL";
    }
    catch
    {
        # in case of getting date problem(e.g bios)...
        # in case of old PowerShell version or alike with Test-Connection...
        # Next >>>
        GoNext -title "Status -> Error" -msg "$MsgCheck $RT + Last Error: $RT - $_";

# Next >>>
        $ret = GoNext -title "Status -> Error" -msg $MsgSkipErr -flg 3;
        # Exit for ERROR
        if($ret -ine "s"){ $script:step = -6; }
    }

# locking <>
    $script:GetStatus = $false;

return $status;
}

#######################################################################
function StartOver([int]$flg=0, [string]$msg="")
{
    # locking <>
    if($script:StartOver -eq $true){ return; }
    $script:StartOver = $true;

# Wait...
    sleep -Milliseconds $SHW;

# New Screen >>>
    Clear-Host;
    clear;
    cls;

Write-Host $NL -NoNewline;
    Write-Host "  /                                                                        \";
    Write-Host $ZGU;
    Write-Host "     Hello-Free-Wild-SSL.PS1, ver 1.0.0, a utility for Let's Encrypt SSL.     " -ForegroundColor White -BackgroundColor DarkGreen;
    Write-Host $ZGD;
    Write-Host "  \                                                                        /";
    Write-Host $NL -NoNewline;
    Write-Host $script:status;

if($flg -eq 1){ Write-Host "Hello !"; }
    if($flg -eq 2){ Write-Host "Start..."; }
    if($flg -eq 3){ Write-Host "Processing..."; }
    if($flg -eq 4){ Write-Host "Fitching..."; }
    if($flg -eq 5){ Write-Host "Bye ! $RT $RT"; }

# Show msg only after Bye ! and not thru all startovers
    if($flg -eq 5 -and $msg -ne $null -and $msg -ne "")
    {
        Write-Host $RT;
        Write-Host $msg;
        Write-Host " $RT + Last Error: $RT - $_ ";
    }

# Wait...
    sleep -Milliseconds $SHW;

# locking <>
    $script:StartOver = $false;
}

#######################################################################
function GetInput
{
    Param
    (
        [Parameter(Mandatory=$false, HelpMessage="-msg: Default = Press [Enter] to continue...")]
        [string]
        $msg = "Press [Enter] to continue...",
        [Parameter(Mandatory=$false, HelpMessage="-style: 0 = White, 1 = Red, 2 = Yellow.")]
        [int]
        $style = 0
    );

# locking <>
    if($script:GetInput -eq $true){ return; }
    $script:GetInput = $true;

# Normal style as Default - White
    $clrFor = 15;
    $clrBkg = 15;

# Confirm style as Confirm - Red
    if($style -eq 1)
    {
        $clrFor = 12;
        $clrBkg = 12;
    }

# Confirm style as Advisory - Yellow
    if($style -eq 2)
    {
        $clrFor = 14;
        $clrBkg = 14;
    }

# color & lines
    Write-Host $RT  -NoNewline;
    Write-Host $BAR -NoNewline -ForegroundColor $clrFor -BackgroundColor $clrBkg;
    Write-Host $RT  -NoNewline;
    Write-Host $ABR -NoNewline;
    Write-Host $RT  -NoNewline;
    Write-Host $BAR -NoNewline -ForegroundColor $clrFor -BackgroundColor $clrBkg;
    Write-Host $RT  -NoNewline;

# Wait...
    sleep -Milliseconds $SHW;

# Input = string
    $msg = $msg.Trim();
    $msg = "> $msg $RT ::";
    $ret = Read-Host -Prompt $msg;

# Wait...
    sleep -Milliseconds $PRO;

# locking <>
    $script:GetInput = $false;

# exit
    return($ret);
}

#######################################################################
function GoNext
{
    Param
    (
        [Parameter(Mandatory=$false, HelpMessage="title: Default = Result")]
        [string]
        $title = "Result",
        [Parameter(Mandatory=$false, HelpMessage="-msg: Your Msg...")]
        $msg = "",
        [Parameter(Mandatory=$false, HelpMessage="-exp: Default = B")]
        [string]
        $exp = "B",
        [Parameter(Mandatory=$false, HelpMessage="flg: 0 = Continue, 1 = Start, 2 = Validation, 3 = Option, 4 = Advisory, 5 = Header, 6 = Footer")]
        [int]
        $flg = 0
    );

# locking <>
    if($script:GoNext0 -eq $true){ return; }
    $script:GoNext0 = $true;

# User input txt
    $inp = "";

# Msgs
    $MsgOption = "Type one of the Options Menu numbers and press [Enter]";
    $MsgUIExp  = "Type a User input text & press [Enter]";
    $MsgNext   = "Press [Enter] to continue...";
    $MsgBack   = "Type B letter and press [Enter] for [Back][Break]...";

# Msg Flags = 6 - >>> Footer >>> Press [Enter] to continue >>>
    if($flg -eq 6)
    {
        # Input
        $inp = GetInput -msg $MsgNext;

# locking <>
        $script:GoNext0 = $false;

# exit
        return;
    }

# Msg Flags 1 -  >>> Normal >>> User text with [Enter] for Options Menu >>>
    if($flg -eq 1)
    {
        # New Screen -> Blank >>>
        StartOver;

# Options #
        # Title
        Write-Host " << Title >> $NL Options Menu $NL";
        # Text
        Write-Host "   << Text >> $RT";
        Write-Host "1. New/Set User";
        Write-Host "2. New/Renew Wild SSL for the User";
        Write-Host "3. Refresh & display all";
        Write-Host "4. Visit Current User Domain";
        Write-Host "5. Legal";
        Write-Host "6. Exit app.";

# Input = Number
        $inp = GetInput -msg $MsgOption;
    }
    else
    {
        # loop condition
        $cnd = 1;

# Msg Misc Flags
        while($cnd -ne 0)
        {
            # locking <>
            if($script:GoNext1 -eq $true){ continue; }
            $script:GoNext1 = $true;

# New Screen -> Blank >>>
            StartOver;

# Title
            Write-Host " << Title >> $NL $title $NL";
            # Text
            Write-Host "   << Text >> $RT";
            if($msg -ne $null -and $msg -ne "")
            {
                if($msg.GetType().Name -imatch "\b(String)")
                {
                    Write-Host $msg -WarningAction SilentlyContinue -ErrorAction SilentlyContinue;
                }
                else
                {
                    Format-List -Property * -Expand Both -InputObject $msg -WarningAction SilentlyContinue -ErrorAction SilentlyContinue;
                }
            }
            else
            {
                # if not Header 5 ->>>
                if($flg -ne 5){ Write-Host "Action of no returns has been finished."; }
            }

# Msg Flags = [ 0/null/>=size ] - >>> Normal >>> Press [Enter] to continue >>>
            if($flg -eq 0 -or $flg -eq $null -or $flg -ge 7)
            {
                # Input
                $inp = GetInput -msg $MsgNext;
                $cnd = 0;
            }

# Msg Flags = 2 - >>> User input(Valid Data) >>> Type (e.g email, domain etc) & [Enter] >>>
            if($flg -eq 2)
            {
                # Input
                $inp = GetInput -msg $MsgUIExp;
                # validate...
                if($inp -imatch $exp){ $cnd = 0; }
            }

# Msg Flags = 3 - >>> User input(Just Options) >>> Type (e.g C=confirm, P=production etc) & [Enter] >>>
            if($flg -eq 3)
            {
                # Input
                $inp = GetInput -msg $MsgUIExp -style 1;
                $cnd = 0;
            }

# Msg Flags = 4 - >>> Advisory >>> Type B & [Enter] >>>
            if($flg -eq 4)
            {
                # Input
                $inp = GetInput -msg $MsgBack -style 2;
                # validate...
                if($inp -ieq "b"){ $inp = "B"; $cnd = 0;}
            }

# Msg Flags = 5 - >>> Header >>> Exit While for next output >>>
            if($flg -eq 5){ $inp = ""; $cnd = 0; }

# locking <>
            $script:GoNext1 = $false;
        }
    }

# locking <>
    $script:GoNext0 = $false;

# exit
    return($inp);
}

#######################################################################
function NewSetUser
{
    # locking <>
    if($script:NewSetUser -eq $true){ return; }
    $script:NewSetUser = $true;

# Connection check
    if($script:connec -ieq $false)
    {
        # Next >>>
        GoNext -title "New/Set User -> Connection Error" -msg $MsgConnec -flg 4;

# locking <>
        $script:NewSetUser = $false;

# exit
        return;
    }

# Input = server
    $user_server = "LE_STAGE";
    # Next >>>
    $ret = GoNext -title "New/Set User -> User Server Mode" -msg "Type P for $MODEPROD SSL mode or any for $MODESTAGE SSL" -flg 3;
    # Set Server
    if($ret -ieq "p"){ $user_server = "LE_PROD"; }

# Input = sslpkey
    $user_sslpkey = $SSLPKSAME;
    $exp =
"Everytime User-SSL Private-Key Option Setup: $NL
    - Type N for '$SSLPKNEW' option or $NL
       - any for '$SSLPKSAME' option.
";
    # Next >>>
    $ret = GoNext -title "New/Set User -> User SSL Private Key" -msg $exp -flg 3;
    # Set Server
    if($ret -ieq "n"){ $user_sslpkey = $SSLPKNEW; }

# Input = email
    $exp = "^[\w-\.]+@([\w-]+\.)+[\w-]{1,}$";
    # Next >>>
    $user_email = GoNext -title "New/Set User -> User Email" -msg "Enter a valid email(e.g $script:email)" -exp $exp -flg 2;

# Input = domain
    $exp = "^([\w-]+\.)+[\w-]{1,}$";
    # Next >>>
    $user_domain = GoNext -title "New/Set User -> User Domain" -msg "Enter a valid domain(e.g $script:domain)" -exp $exp -flg 2;

# Input = Confirm/C
    $exp = $MODESTAGE;
    if($user_server -eq "LE_PROD"){ $exp = $MODEPROD; }
    $exp = 
"Are you sure you want to create/set the following User: $NL
    - The mode    entered: $exp $NL
    - The SSL key entered: $user_sslpkey $NL
    - The email   entered: $user_email $NL
    - The domain  entered: $user_domain $RT
    $MsgConfirm";

# Next >>>
    $ret = GoNext -title "New/Set User -> Confirm" -msg $exp -flg 3;

# Connection & all check
    try
    {
        if($ret -ieq "c")
        {
            # Save All User inputs
            $script:server = $user_server;
            if($script:server -ieq "LE_STAGE")
                { $script:mode =  $MODESTAGE; }
            else{ $script:mode =  $MODEPROD;  }
            $script:sslpkey    =  $user_sslpkey;
            $script:email      =  $user_email.Trim();
            $script:domain     =  $user_domain.Trim();
            $script:alnams     =  ($user_domain, "*.$user_domain");

# Set Server
            $ret = Set-PAServer $user_server -WarningAction SilentlyContinue -ErrorAction Stop;
            # Next >>>
            GoNext -title "New/Set User -> Set-PAServer -> Result" -msg $ret;

# Get Account
            $ret = Get-PAAccount -List -Contact $script:email -Refresh -WarningAction SilentlyContinue -ErrorAction Stop;
            # Next >>>
            GoNext -title "New/Set User -> Get-PAAccount -> Result" -msg $ret;

if($ret -ieq $null)
            {
                # New Account
                $ret = New-PAAccount -Contact $script:email -AcceptTOS -WarningAction SilentlyContinue -ErrorAction Stop;
                # Next >>>
                GoNext -title "New/Set User -> New-PAAccount -> Result" -msg $ret;

# Get Account
                $ret = Get-PAAccount -List -Contact $script:email -Refresh -WarningAction SilentlyContinue -ErrorAction Stop;
                # Next >>>
                GoNext -title "New/Set User -> Get-PAAccount -> Result" -msg $ret;
            }

# New Screen Msg >>>
            if($ret -ne $null)
            {
                $status = $ret[0].status.ToUpper();
                $status = $status.Trim();
                if($status -imatch "\b(VALID)")
                {
                    # Set Account
                    if($script:sslpkey -ieq $SSLPKNEW)
                    {
                        # Set Account(NK)
                        $ret = Set-PAAccount -ID $ret[0].ID -KeyRollover -WarningAction SilentlyContinue -ErrorAction Stop;
                        # Next >>>
                        GoNext -title "New/Set User -> Set-PAAccount(New Key) -> Result" -msg $ret;
                    }
                    else
                    {
                        # Set Account(SK)
                        $ret = Set-PAAccount -ID $ret[0].ID -WarningAction SilentlyContinue -ErrorAction Stop;
                        # Next >>>
                        GoNext -title "New/Set User -> Set-PAAccount(Same Key) -> Result" -msg $ret;
                    }

# Next >>>
                    GoNext -title "New/Set User -> Result" -msg "User is saved to current running script as VALID for server!" -flg 4;

# PASS
                    $script:step = 2;
                }
                else
                {
                    # Next >>>
                    GoNext -title "New/Set User -> Error" -msg "User is saved to current running script as $ret[0].status for server! You may restart script/saving again!" -flg 4;
                
                    # Next >>>
                    $ret = GoNext -title "New/Set User -> Error" -msg $MsgSkipErr -flg 3;
                    # Exit for ERROR
                    if($ret -ine "s"){ $script:step = 0; }
                }
            }
            else
            {
                # Next >>>
                GoNext -title "New/Set User -> Error" -msg "Failed saving User to current running script! You may restart script/saving again!" -flg 4;
            
                # Next >>>
                $ret = GoNext -title "New/Set User -> Error" -msg $MsgSkipErr -flg 3;
                # Exit for ERROR
                if($ret -ine "s"){ $script:step = 0; }
            }
        }
        else
        {
            # Next >>>
            GoNext -title "New/Set User -> Result" -msg "No User has been entered/changed for current running script!" -flg 4;

# DO NOTHING...
            # $script:step = $script:step;
        }

# Next >>>
        GoNext -title "New/Set User -> All Result" -msg "All done!";
    }
    catch
    {
        # Next >>>
        GoNext -title "New/Set User -> Error" -msg "$MsgCheck $RT + Last Error: $RT - $_";

# Next >>>
        $ret = GoNext -title "New/Set User -> Error" -msg $MsgSkipErr -flg 3;
        # Exit for ERROR
        if($ret -ine "s"){ $script:step = -1; }
    }

# locking <>
    $script:NewSetUser = $false;
}

#######################################################################
function NewRenewWildSSLforTheUser
{
    # locking <>
    if($script:NewRenewWildSSLforTheUser -eq $true){ return; }
    $script:NewRenewWildSSLforTheUser = $true;

# Connection check
    if($script:connec -ieq $false)
    {
        # Next >>>
        GoNext -title "New/Renew Wild SSL for the User -> Connection Error" -msg $MsgConnec -flg 4;

# locking <>
        $script:NewRenewWildSSLforTheUser = $false;

# exit
        return;
    }

# User check
    if($script:step -ne 2)
    {
        # Next >>>
        GoNext -title "New/Renew Wild SSL for the User -> User Info Error" -msg $MsgOptIn -flg 4;

# locking <>
        $script:NewRenewWildSSLforTheUser = $false;

# exit
        return;
    }

# Connection & all check
    try
    {
        # Get Order
        $order = $null;
        $order = Get-PAOrder -MainDomain $script:domain -Name "$script:domain" -Refresh -WarningAction SilentlyContinue -ErrorAction Stop;

# Get renewal dt
        $renewAfter = $null;
        if($order -ne $null)
        {
            $renewAfter = $order.RenewAfter;
            $renewAfter = [DateTimeOffset]::Parse($renewAfter);
        }

# Get Auths
        $auths = $null;
        if($order -ne $null){ $auths = $order | Get-PAAuthorization -WarningAction SilentlyContinue -ErrorAction Stop; }

# Get Auths Status
        $status = $null;
        if($auths -ne $null)
        {
            $status = $auths.status.ToUpper();
            $status = $status.Trim();
        }

$OK = 0;

#
        # 1. NEW ***
        #
        if($order -ieq $null -or $status -imatch "\b(INVALID)")
        {
            # New Cert
            if($script:sslpkey -ieq $SSLPKNEW)
            {
                $ret = New-PACertificate -Domain $script:alnams -Name "$script:domain" -AcceptTOS -Contact "$script:email" -DirectoryUrl $script:server -AlwaysNewKey -OCSPMustStaple -UseModernPfxEncryption -WarningAction SilentlyContinue -ErrorAction Stop;
            }
            else
            {
                $ret = New-PACertificate -Domain $script:alnams -Name "$script:domain" -AcceptTOS -Contact "$script:email" -DirectoryUrl $script:server -OCSPMustStaple -UseModernPfxEncryption -WarningAction SilentlyContinue -ErrorAction Stop;
            }
            # Next >>>
            GoNext -title "New/Renew Wild SSL for the User -> New-PACertificate -> Result" -msg $ret;
            $OK = 1;
        }

#
        # 2. REVALIDATION ***
        #
        if($OK -ne 1 -and $status -imatch "\b(PENDING)")
        {
            # Revalidate all pending order's domains
            $ret = $auths.DNS01Url | Send-ChallengeAck -WarningAction SilentlyContinue -ErrorAction Stop;
            # Next >>>
            GoNext -title "New/Renew Wild SSL for the User -> Send-ChallengeAck -> Result" -msg $ret;
            $OK = 1;
        }

#
        # 3. RENEWAL ***
        #
        if($OK -ne 1 -and $status -imatch "\b(VALID)" -or $renewAfter -ne $null)
        {
            # time to renew
            if ([DateTimeOffset]::Now -gt $renewAfter)
            {
                # Renewal as New Cert
                if($script:sslpkey -ieq $SSLPKNEW)
                {
                    $ret = New-PACertificate -Domain $script:alnams -Name "$script:domain" -AcceptTOS -Contact "$script:email" -DirectoryUrl $script:server -AlwaysNewKey -OCSPMustStaple -UseModernPfxEncryption -WarningAction SilentlyContinue -ErrorAction Stop;
                }
                else
                {
                    $ret = New-PACertificate -Domain $script:alnams -Name "$script:domain" -AcceptTOS -Contact "$script:email" -DirectoryUrl $script:server -OCSPMustStaple -UseModernPfxEncryption -WarningAction SilentlyContinue -ErrorAction Stop;
                }
                # Next >>>
                GoNext -title "New/Renew Wild SSL for the User -> New-PACertificate -> Result" -msg $ret;
                $OK = 1;
            }
            else
            {
                # Next >>>
                GoNext -title "New/Renew Wild SSL for the User -> Result" -msg "No need to create/renew the cert. Mostly, it is valid!";
                $OK = 1;
            }
        }

if($OK -ne 0)
        {
            # Next >>>
            GoNext -title "New/Renew Wild SSL for the User -> All Result" -msg "All done!";
        }
        else
        {
            # Next >>>
            GoNext -title "New/Renew Wild SSL for the User -> All Result" -msg "No SSL Found! You may need to start new with a different email/key for the required domain.";
        }
    }
    catch
    {
        # Next >>>
        GoNext -title "New/Renew Wild SSL for the User -> Error" -msg "$MsgCheck $RT + Last Error: $RT - $_ $RT - Domain: $script:domain";

# Next >>>
        $ret = GoNext -title "New/Renew Wild SSL for the User -> Error" -msg $MsgSkipErr -flg 3;
        # Exit for ERROR
        if($ret -ine "s"){ $script:step = -2; }
    }

# locking <>
    $script:NewRenewWildSSLforTheUser = $false;
}

#######################################################################
function RefreshDisplayAll
{
    # locking <>
    if($script:RefreshDisplayAll -eq $true){ return; }
    $script:RefreshDisplayAll = $true;

# Connection check
    if($script:connec -ieq $false)
    {
        # Next >>>
        GoNext -title "Refresh & display all -> Connection Error" -msg $MsgConnec -flg 4;

# locking <>
        $script:RefreshDisplayAll = $false;

# exit
        return;
    }

# User check
    if($script:step -ne 2)
    {
        # Next >>>
        GoNext -title "Refresh & display all -> User Info Error" -msg $MsgOptIn -flg 4;

# locking <>
        $script:RefreshDisplayAll = $false;

# exit
        return;
    }

# Connection & all check
    try
    {
        # Next - Header >>>
        GoNext -title "Refresh & display all -> Details" -flg 5;

# Get Order
        $order = $null;
        $renewAfter = $null;
        $auths = $null;
        $msg = "NA";
        $cer = $null;
        $order = Get-PAOrder -MainDomain $script:domain -Name "$script:domain" -Refresh -WarningAction SilentlyContinue -ErrorAction Stop;

# Order Details:
        if($order -ne $null)
        {
            # Get renewal dt
            $renewAfter = $order.RenewAfter;
            if($renewAfter -ne $null)
             {  $renewAfter = [DateTimeOffset]::Parse($renewAfter);  }

# Get Auths
            
            $auths = $order | Get-PAAuthorization -WarningAction SilentlyContinue -ErrorAction Stop;

# Auths Details:
            if($auths -ne $null)
            {
                $status = $auths.status.ToUpper();
                $status = $msg.Trim();
            }
            else
            {
                # Details Old Authorization:
                $status = "Old Authorization!";
            }
        }
        else
        {
            # Details No Order:
            $status = "No Order!";
        }

# Details Header:
$txt =
"SSL Order Status:
$status $NL
Renew After:
$renewAfter $NL
Current running script User email:
$script:email $NL
Current running script User domain:
$script:domain $NL
Default password/PfxPass for(e.g PFX file):
poshacme $RT$RT";
Write-Host $txt;

# SSL:
Write-Host "Certificate for current set User: $NL";
$cer = Get-PACertificate -MainDomain $script:domain -Name "$script:domain" -WarningAction SilentlyContinue -ErrorAction Stop;
if($cer -ne $null)
{
    $cer | Format-List -Property * -Expand Both -WarningAction SilentlyContinue -ErrorAction Stop;
}
else
{
    Write-Host "No SSL Found! You may need to start new with a different email/key for the required domain.";
}
Write-Host "
$NL *** Note:
- New SSL drops all old SSL certs, so no need for revocation.
- Let's Encrypt SSL is limited to 90 days to expire.
$RT$RT";

# TXT Keys:
Write-Host "DNS TXT Keys(tokens):$NL";
if($auths -ne $null)
{
$auths.DNS01Token | Get-KeyAuthorization -ForDNS -WarningAction SilentlyContinue -ErrorAction Stop | Format-List -Property * -Expand Both -WarningAction SilentlyContinue -ErrorAction SilentlyContinue;
}
else
{
    Write-Host "No TXT Keys Found! Authorization happens at once and ends automatically after domain validation.";
}
Write-Host "
$NL *** Note:
- Value(s) to create 1-2 DNS TXT records with the same name: _acme-challenge.$script:domain
- Value(s) DNS TXT records can be removed when Status is VALID or VALID VALID.
$RT$RT";
# Errors:
Write-Host "Errors: $NL";
if($auths -ne $null)
{
$auths.challenges.error | Out-Host -Paging -WarningAction SilentlyContinue -ErrorAction SilentlyContinue;
}
else
{
    Write-Host $status;
}

# Next - Footer >>>
        GoNext -flg 6;
    }
    catch
    {
        # Next >>>
        GoNext -title "Refresh & display all -> Error" -msg "$MsgCheck $RT + Last Error: $RT - $_ $RT - Domain: $script:domain";

# Next >>>
        $ret = GoNext -title "Refresh & display all -> Error" -msg $MsgSkipErr -flg 3;
        # Exit for ERROR
        if($ret -ine "s"){ $script:step = -3; }
    }
    
    # locking <>
    $script:RefreshDisplayAll = $false;
}

#######################################################################
function VisitCurrentUserDomain
{
    # locking <>
    if($script:VisitCurrentUserDomain -eq $true){ return; }
    $script:VisitCurrentUserDomain = $true;

# Connection check
    if($script:connec -ieq $false)
    {
        # Next >>>
        GoNext -title "Visit Current User Domain -> Connection Error" -msg $MsgConnec -flg 4;

# locking <>
        $script:VisitCurrentUserDomain = $false;

# exit
        return;
    }

# User check
    if($script:step -ne 2)
    {
        # Next >>>
        GoNext -title "Visit Current User Domain -> User Info Error" -msg $MsgOptIn -flg 4;

# locking <>
        $script:VisitCurrentUserDomain = $false;

# exit
        return;
    }

# Connection & all check
    try
    {
        # Visit current User domain
        Start-Process -FilePath "https://$script:domain/" -WarningAction SilentlyContinue -ErrorAction stop;

# Next >>>
        GoNext -title "Visit Current User Domain -> All Result" -msg "All done!";
    }
    catch
    {
        # Next >>>
        GoNext -title "Visit Current User Domain -> Error" -msg "$MsgCheck $RT + Last Error: $RT - $_";

# Next >>>
        $ret = GoNext -title "Visit Current User Domain -> Error" -msg $MsgSkipErr -flg 3;
        # Exit for ERROR
        if($ret -ine "s"){ $script:step = -4; }
    }
    
    # locking <>
    $script:VisitCurrentUserDomain = $false;
}

#######################################################################
function Legal
{
    # locking <>
    if($script:Legal -eq $true){ return; }
    $script:Legal = $true;

# Input = Confirm/C
    $txt =
"- This Script  :  Hello-Free-Wild-SSL.PS1, ver 1.0.0.
- Use          :  A utility for Let's Encrypt SSL.
- Developer    :  Al bunyan.
- Website      :  https://ulike123.com/
- Dependencies :  Posh-ACME Module.
- Credits to   :  Ryan Bolger, Posh-ACME Module Developer.
- Website      :  https://poshac.me/
- License      :
    MIT License
    Copyright (c) 2023 Al bunyan $RT
    Permission is hereby granted, free of charge, to any person obtaining a copy $RT
    of this software and associated documentation files (the ""Software""), to deal $RT
    in the Software without restriction, including without limitation the rights $RT
    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell $RT
    copies of the Software, and to permit persons to whom the Software is $RT
    furnished to do so, subject to the following conditions: $RT
    The above copyright notice and this permission notice shall be included in all $RT
    copies or substantial portions of the Software. $RT
    THE SOFTWARE IS PROVIDED ""AS IS"", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR $RT
    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, $RT
    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE $RT
    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER $RT
    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, $RT
    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE $RT
    SOFTWARE.";

# Next >>>
    GoNext -title "Legal -> IMPORTANT" -msg $txt -flg 4;

# locking <>
    $script:Legal = $false;
}

#######################################################################
function ScriptCycle
{
    # locking <>
    if($script:ScriptCycle -eq $true){ return; }
    $script:ScriptCycle = $true;

$hidden = 1;
    while($hidden -eq 1)
    {
        # Status
        $script:status = GetStatus;

if($script:step -ile 0)
        {
            # check zero to negative-- step case:
            if($script:step -ieq 0 -or $script:step -ieq -1 -or $script:step -ieq -2 -or $script:step -ieq -3)
            {
# Error Msg
$txt = $env:PSModulePath.Replace(";", $RT);
$txt = "Sometimes you may need to clear all cached files under the folder Posh-ACME: $NL
that can be found under one of the following Modules folders: $NL
$txt
";
            }
            if($script:step -ieq -4 -or $script:step -ieq -6)
            {
# Error Msg
$txt = "Check you have installed the latest PowerShell and your internet is connected!";
            }

# Next >>>
            GoNext -title "Exit for Error -> Workaround" -msg $txt -flg 4;
            break;
        }
        else
        {
            # New Screen -> Start >>>
            StartOver -flg 2;
            $opt = GoNext -flg 1;

# options hooks switch
            if($opt -eq 1)
            {
                # New Screen -> Processing >>>
                StartOver -flg 3;
                NewSetUser;
            }
            if($opt -eq 2)
            {
                # New Screen -> Processing >>>
                StartOver -flg 3;
                NewRenewWildSSLforTheUser;
            }
            if($opt -eq 3)
            {
                # New Screen -> Fitching >>>
                StartOver -flg 4;
                RefreshDisplayAll;
            }
            if($opt -eq 4)
            {
                # New Screen -> Fitching >>>
                StartOver -flg 4;
                VisitCurrentUserDomain;
            }
            if($opt -eq 5)
            {
                # New Screen -> Fitching >>>
                StartOver -flg 4;
                Legal;
            }
            if($opt -eq 6)
            {
                # New Screen -> Bye ! >>>
                StartOver -flg 5;
                break;
            }
        }
    }

# locking <>
    $script:ScriptCycle = $false;

# Bye !
    Exit;
}

#######################################################################
function Init
{
    # New Screen -> Hello >>>
    StartOver -flg 1;

# Init
    $ret = SetPoshACME;

if($ret -eq 1)
    {
        ### Start Script Main Cycle >>>
        ScriptCycle;
    }
    else
    {
        $msg = "";
        if($ret -eq -1)
        {
            # Verbose
            $msg = 
"This script couldn't be loaded! $NL
    - You may debug this by running powershell/cmd/prompt/terminal as sudo/admin and... $NL
    - Rerun this script again.";

### New Screen -> Bye >>>
            StartOver -flg 5 -msg $msg;
        }
        else
        {
            # Verbose
            $msg = 
"Posh-ACME Module couldn't be found! $NL
    - Would you like trying installing it ? $RT
$MsgConfirm";

# Next >>>
            $ret = GoNext -title "Dependencies -> Posh-ACME Module" -msg $msg -flg 3;

if($ret -ieq "c")
            {
                # Init
                $ret = GetPoshACME;

# check
                if($ret -eq $true)
                {
                    ### Start Script Main Cycle >>>
                    ScriptCycle;
                }
                else
                {
                    # Verbose
                    $msg = 
"Posh-ACME Module couldn't be installed! $NL
    - You may debug this by installing it yourself as sudo/admin from... $NL
    - https://poshac.me/ $NL
    - and... $NL
    - Rerun this script again.";

### New Screen -> Bye >>>
                    StartOver -flg 5 -msg $msg;
                }
            }
            else
            {
                ### New Screen -> Bye >>>
                StartOver -flg 5;
            }
        }
    }
}

### Start App
Init;

PS1 -->

Overview:

Securing your domain with a stable wild SSL is appreciated by SEO, visitors, and customers.
That way, you tell that you do care about classifying your domain as a secured internet place.

Requirements:

The portable PowerShell command prompt running on Windows, Mac, or Linux - See more...
Click here to copy the Hello-Free-Wild-SSL.PS1 code.
- If the previous code-copy link didn't work...
- Open this web page source code and...
- Copy the code between  and...
- Don't forget to ommit that start and end tags of HTML comments.
Save it as Hello-Free-Wild-SSL.PS1
Run PowerShell.
Open the saved file.
Click F5 or the green Run button.
Follow the script on-screen options/instructions etc.
Browse the cert files(ex: key/pfx, cert/crt, chain/pundle, etc) from your computer.
Open them with a text editor.
Copy and paste them to your domain SSL manager.
- If you are one of our resellers, click here to visit your domain SSL manager.
- Being a reseller only needs a domain.
- Click here to "Join Reseller Program".

Credits:

Thanks to Let's Encrypt CA for the free wild SSL it offers its clients quarterly.

Thanks to the backend PowerShell module used by our 1000+ lines User frontend PS1.

Click here to visit Posh-ACME module website by Ryan Bolger.

Features:

Our PS1 installs the Posh-ACME module automatically, if NA and...
It shows many User frontend readable options.
It is safe and never overwrites orders, users, or certs.
It checks expiry date & time to avoid duplication.
It continues working smoothly on same/pending orders.
It refreshly shows:
Mostly first-time authorization DNS TXT tokens; webmastering verification.
Terminal-Copiable files folders addresses for(ex: key/pfx, cert/crt, chain/pundle, etc).
It handles too many errors in addition to those passed-thru to it.
It works only refreshly online.
It works on both Stage(Test/Demo) and Production(Real/Live) modes.
It offers renewing/rollingover the private key or just using it.
It smoothly uses its defaults(ex: Manual DNS, stable SSL, Modern PFX(AES), etc).
Renewal is applicable only during the last expiry month as a new order.
Just run our PS1 and with few clicks your wild SSL is ready to be submitted.
If your domain is hosted, there is often an auto SSL renewal bots. That means...
You may only create a wild SSL once and never again with our PS1.