PowerShell to create Root Certification Authority

Hello fellow developers,

I am trying to create a Root Certification Authority with a PowerShell script and am struggling. Could someone have a look at my script so far and point me in the right direction?

Thanks a lot in advance,
Daniel

### create rootCA ###
# run
# .\rootca.ps1 <action>
# <action> = install | uninstall | backup | recover

# Actions this script accepts as its first command-line argument.
[String[]]$actions = 'install', 'uninstall', 'backup', 'recover'

# The requested action; $null when the script is started without arguments.
$action = $args[0]
Write-Host "action : $action"

function checkAction {
  # Prints a hint when the script-level $action is missing or is not one of
  # $actions. It only reports: nothing is returned and execution is not stopped,
  # so the caller still has to deal with an unusable action itself.
  if ($null -eq $action) {
    Write-Host "provide action"
    return
  }

  if ($actions -notcontains $action) {
    Write-Host "provide valid action : $actions"
  }
}

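function installAdcs() {
  # Adds the AD CS Certification Authority role (binaries and management tools)
  # to this server.
  #
  # Install-AdcsCertificationAuthority is deliberately not called here: that
  # cmdlet configures a CA, and calling it without arguments would set one up
  # with default settings before createRootCa gets to apply the intended ones.
  #
  # -ErrorAction Stop turns a non-terminating cmdlet error into an exception;
  # without it the catch block is skipped and the success line is printed anyway.
  try {
    Install-WindowsFeature -Name ADCS-Cert-Authority -IncludeManagementTools -ErrorAction Stop
    Write-Host "installed ADCS"
  } catch {
    $message = $_
    Write-Warning "failed to install ADCS : $message"
  }
}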

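function unInstallAdcs() {
  # Removes the Certification Authority configuration from this server.
  # -Force suppresses the confirmation prompt.
  #
  # -ErrorAction Stop turns a non-terminating cmdlet error into an exception;
  # without it the catch block is skipped and the success line is printed anyway.
  #
  # NOTE(review): confirm what happens to the CA private key and database after
  # this call. A root key that stays behind on disk should be archived or
  # destroyed deliberately, not left in place by accident.
  try {
    Uninstall-AdcsCertificationAuthority -Force -ErrorAction Stop
    Write-Host "uninstalled ADCS"
  } catch {
    $message = $_
    Write-Warning "failed to uninstall ADCS : $message"
  }
}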

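function createRootCa() {
  # Configures this server as a standalone root CA with the common name "rootCA".
  #
  # Key size and signature hash are stated explicitly so the trust anchor does
  # not silently inherit whatever defaults the OS version happens to use.
  #
  # The root certificate's own lifetime is fixed at this step (see the
  # -ValidityPeriod / -ValidityPeriodUnits parameters of this cmdlet); the
  # CA\ValidityPeriod registry values written by configureRootCa only govern
  # certificates the CA issues afterwards.
  #
  # NOTE(review): the key is generated by the default provider on this machine.
  # Confirm whether the root key is meant to live in an HSM or on an offline
  # host instead.
  try {
    $caSettings = @{
      CAType            = 'StandaloneRootCa'
      CACommonName      = 'rootCA'
      KeyLength         = 4096
      HashAlgorithmName = 'SHA256'
      # Surface cmdlet failures as exceptions so the catch block can report them.
      ErrorAction       = 'Stop'
    }
    Install-AdcsCertificationAuthority @caSettings
    Write-Host "Created rootCA"
  } catch {
    $message = $_
    Write-Warning "failed to install rootCA : $message"
  }
}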

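function createRootCert() {
  # Placeholder: no certificate operation is performed yet, the body only holds
  # the planned steps as comments and prints a status line.
  #
  # NOTE(review): for a new standalone root CA the self-signed root certificate
  # is normally produced by Install-AdcsCertificationAuthority in createRootCa.
  # This step is presumably only needed when an existing key is reused; confirm.
  try {
    #use existing private key
    #select an existing private key on this computer
    #select cryptographic provider
    Write-Host "created root certificate"
  } catch {
    $message = $_
    # Include the error text, as the sibling functions do.
    Write-Warning "failed to create root certificate : $message"
  }
}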

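function configureRootCa() {
  # Writes the CA registry settings with certutil:
  #   CA\ValidityPeriod / CA\ValidityPeriodUnits - lifetime (15 years) of
  #     certificates this CA issues
  #   CA\DSConfigDN  - configuration naming context used for directory paths
  #   CA\AuditFilter - 127 switches on every CA audit event category
  #
  # certutil is a native executable: it never throws, so each call is followed
  # by an exit-code check. Without it the catch block is unreachable and the
  # success line is printed even when a setting was rejected.
  #
  # The values take effect after the certsvc service is restarted.
  #
  # NOTE(review): CA audit events are presumably only logged when the
  # "Certification Services" audit subcategory is enabled in the host's audit
  # policy - verify, otherwise AuditFilter alone produces nothing.
  try {
    $settings = @(
      @('CA\ValidityPeriod', 'Years'),
      @('CA\ValidityPeriodUnits', 15),
      @('CA\DSConfigDN', 'CN=Configuration,DC=win,DC=x,DC=x,DC=nl'),
      @('CA\AuditFilter', 127)
    )
    foreach ($setting in $settings) {
      $name = $setting[0]
      certutil -setreg $name $setting[1]
      if ($LASTEXITCODE -ne 0) {
        throw "certutil -setreg $name exited with code $LASTEXITCODE"
      }
    }
    #restart certsvc
    Write-Host "configured rootCA"
  } catch {
    $message = $_
    Write-warning "rootCA failed to configure : $message"
  }
}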

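function setCdp() {
  # Replaces the default CRL distribution points (the local c:\windows path and
  # the ldap:// entry) with the HTTP location that is embedded in issued
  # certificates.
  #
  # Uses the CDP cmdlets that ship with the CA role (ADCSAdministration module);
  # the -AddToCertificateCdp switch belongs to Add-CACrlDistributionPoint.
  # -Force suppresses the per-entry confirmation prompt and -ErrorAction Stop
  # routes failures into the catch block.
  #
  # NOTE(review): the default c:\windows entry is also where the CA writes its
  # CRL file. Confirm that removing it without adding another publish location
  # is intended, otherwise http://x/pki/rootCA.crl has no file to serve and
  # revocation checks against it will fail.
  try {
    $defaultCdps = Get-CACrlDistributionPoint -ErrorAction Stop |
      Where-Object { $_.Uri -like '*c:\windows*' -or $_.Uri -like '*ldap://*' }
    foreach ($cdp in $defaultCdps) {
      Remove-CACrlDistributionPoint -Uri $cdp.Uri -Force -ErrorAction Stop
    }
    Add-CACrlDistributionPoint -Uri "http://x/pki/rootCA.crl" -AddToCertificateCdp -Force -ErrorAction Stop
    Write-Host "configured CDP"
  } catch {
    $message = $_
    Write-Warning "failed to configure CDP : $message"
  }
}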

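function setAia() {
  # Removes every existing Authority Information Access entry, then adds the
  # HTTP CA-certificate location and the OCSP responder URL that are embedded
  # in issued certificates.
  #
  # Uses the AIA cmdlets that ship with the CA role (ADCSAdministration module);
  # the -AddToCertificateAia / -AddToCertificateOcsp switches belong to
  # Add-CAAuthorityInformationAccess. -Force suppresses the per-entry
  # confirmation prompt and -ErrorAction Stop routes failures into the catch
  # block.
  #
  # NOTE(review): an AIA URL normally points at the CA certificate file itself;
  # "http://x/pki" looks like a directory - confirm the final path.
  try {
    $existingAia = Get-CAAuthorityInformationAccess -ErrorAction Stop
    foreach ($aia in $existingAia) {
      Remove-CAAuthorityInformationAccess -Uri $aia.Uri -Force -ErrorAction Stop
    }
    Add-CAAuthorityInformationAccess -Uri "http://x/pki" -AddToCertificateAia -Force -ErrorAction Stop
    Add-CAAuthorityInformationAccess -Uri "http://www.x/ocsp" -AddToCertificateOcsp -Force -ErrorAction Stop
    Write-Host "configured AIA"
  } catch {
    $message = $_
    Write-Warning "failed to configure AIA : $message"
  }
}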

function saveRootCa {
  # Placeholder for the backup step: nothing is exported yet, the function only
  # prints a status line.
  # TODO: until a real backup of the CA database and private key is implemented
  # here, the "saved rootCA" line must not be taken as proof that one exists.
  try {
    Write-Host "saved rootCA"
  }
  catch {
    $message = $_
    Write-Warning "failed to save rootCA : $message"
  }
}

function retrieveRootCa {
  # Placeholder for the restore step: nothing is imported yet, the function
  # only prints a status line.
  # TODO: implement the actual restore of the CA database and private key.
  try {
    Write-Host "retrieved rootCA"
  }
  catch {
    $message = $_
    Write-Warning "failed to retrieve rootCA : $message"
  }
}

function install {
  # Runs the provisioning steps one after another, in this fixed order.
  # Each step reports its own failure as a warning and does not stop the chain.
  $steps = 'installAdcs', 'createRootCa', 'createRootCert', 'configureRootCa', 'setCdp', 'setAia'
  foreach ($step in $steps) {
    & $step
  }
}

function uninstall {
  # Entry point for the 'uninstall' action; delegates to unInstallAdcs.
  & 'unInstallAdcs'
}

function backup {
  # Entry point for the 'backup' action; delegates to saveRootCa.
  & 'saveRootCa'
}

function recover {
  # Entry point for the 'recover' action; delegates to retrieveRootCa.
  & 'retrieveRootCa'
}

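function run() {
  # Dispatches the script-level $action to its handler.
  #
  # checkAction only prints a hint; an unknown action is left to the Default
  # branch. The handlers report their own failures as warnings and do not
  # throw, so the status line of a branch is printed even when a step inside
  # it failed - read the warnings, not just the last line.
  checkAction

  Switch ($action) {
    'backup' {
      backup
      Write-Host "backed-up rootCA"
    }
    'recover' {
      recover
      Write-Host "recovered rootCA"
    }
    'install' {
      install
      # The registry, CDP and AIA changes made during install are only picked
      # up once the CA service has been restarted.
      try {
        Restart-Service -Name certsvc -ErrorAction Stop
      } catch {
        $message = $_
        Write-Warning "failed to restart certsvc : $message"
      }
      Write-Host "installed ADCS & created rootCA"
    }
    'uninstall' {
      uninstall
      Write-Host "uninstalled ADCS & removed rootCA"
    }
    Default {
      Write-Host "ignored unknown action"
    }
  }
}

run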