D.R.

Reputation: 21194

Install certificate with PowerShell on remote server

I want to install a certificate (X.509) created with makecert.exe on a remote server. I am not able to use psexec or something like that but have to use PowerShell.

Question: How to install a certificate with PowerShell on a remote server?

Upvotes: 8

Views: 37109

Answers (3)

Kevin Bridges

Reputation: 186

I've created a few scripts for this purpose:

https://github.com/kevin-bridges/WindowsPowerShell/tree/master/Scripts/certificates

Take a look and see if they'd work for you. You can use get-help on each of them to check the usage details.

Upvotes: 0

xx1xx

Reputation: 2089

Scenario: ServerA has the SSL cert, ServerB would like the SSL cert imported

  1. Define two variables (ServerB only):

    $afMachineName = "SomeMachineNameOrIp"
    $certSaveLocation = "c:\temp\Cert.CER"
    
  2. Enable trust on both machines (ServerA & ServerB):

    Function enableRemotePS() {
        Enable-PSRemoting -Force
        Set-Item wsman:\localhost\client\trustedhosts $afMachineName -Force
        Restart-Service WinRM
    }
    
  3. Save the certificate (ServerB only):

    Function saveCert([string]$machineName,[string]$certSaveLocation) {
        Invoke-Command -ComputerName $machineName -ArgumentList $certSaveLocation -ScriptBlock {
            param($certSaveLocation)
            $cert = dir Cert:\LocalMachine\Root | where {$_.Subject -eq "CN=YOURCERTNAME" };
            $certBytes = $cert.Export("cert");
            [system.IO.file]::WriteAllBytes($certSaveLocation, $certBytes);
        }
    
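        # The remote block wrote the file to $certSaveLocation on $machineName;
        # fetch that same file through the administrative share (c: -> c$).
        Copy-Item -Path "\\$machineName\$($certSaveLocation -replace ':', '$$')" -Destination $certSaveLocation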
    }
    
  4. Import the certificate (ServerB only):

    Function importCert([string]$certSaveLocation) {
        $CertToImport = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $certSaveLocation
    
        $CertStoreScope = "LocalMachine"
        $CertStoreName = "Root"
        $CertStore = New-Object System.Security.Cryptography.X509Certificates.X509Store $CertStoreName, $CertStoreScope
    
        # Import The Targeted Certificate Into The Specified Cert Store Name Of The Specified Cert Store Scope
        $CertStore.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)
        $CertStore.Add($CertToImport)
        $CertStore.Close()
    }
    

Upvotes: 6

ulrichb

Reputation: 20054

To import a PFX file you can use Import-PfxCertificate, for example

    Import-PfxCertificate -FilePath YOUR_PFX_FILE.pfx -Password (ConvertTo-SecureString -String "THE_PFX_PASSWORD" -AsPlainText -Force)

To do this on a remote computer, you can use Invoke-Command -ComputerName (and use a UNC path for the PFX file).

Upvotes: 4
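A variant of the remote PFX import described in the answer above, added here as an example and not taken from any of the answers: it copies the PFX through the remoting session instead of a UNC path, so the remote side does not have to authenticate to a file share, then checks the imported thumbprint and deletes the staged file. The function name `Install-RemotePfx`, its parameters and the default store `Cert:\LocalMachine\My` are assumptions made for this example.

```powershell
# Added example; server name, paths and store location are placeholders.
# Assumes PowerShell 5.0+ on the calling side (Copy-Item -ToSession).
function Install-RemotePfx {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $ComputerName,
        [Parameter(Mandatory)] [string] $PfxPath,
        [Parameter(Mandatory)] [securestring] $PfxPassword,
        [string] $CertStoreLocation = 'Cert:\LocalMachine\My'
    )

    # Read the thumbprint locally so the remote import can be verified.
    $fullPath = (Resolve-Path -LiteralPath $PfxPath).Path
    $local = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $fullPath, $PfxPassword
    $expected = $local.Thumbprint
    $local.Reset()

    $session = New-PSSession -ComputerName $ComputerName
    try {
        # Stage the PFX under a random name in the remote temp directory.
        $remotePath = Invoke-Command -Session $session -ScriptBlock {
            Join-Path $env:TEMP ([System.IO.Path]::GetRandomFileName() + '.pfx')
        }
        Copy-Item -LiteralPath $fullPath -Destination $remotePath -ToSession $session

        $imported = Invoke-Command -Session $session -ScriptBlock {
            param($Path, $Password, $Store)
            try {
                Import-PfxCertificate -FilePath $Path -Password $Password -CertStoreLocation $Store
            }
            finally {
                # Never leave the private key material lying in the temp directory.
                Remove-Item -LiteralPath $Path -Force -ErrorAction SilentlyContinue
            }
        } -ArgumentList $remotePath, $PfxPassword, $CertStoreLocation

        if (@($imported.Thumbprint) -notcontains $expected) {
            throw "Thumbprint mismatch on ${ComputerName}: expected $expected"
        }
        $imported
    }
    finally {
        Remove-PSSession $session
    }
}

# Usage (prompting keeps the password out of the script and command history):
# $pw = Read-Host -AsSecureString -Prompt 'PFX password'
# Install-RemotePfx -ComputerName 'SERVER_NAME' -PfxPath .\YOUR_PFX_FILE.pfx -PfxPassword $pw
```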
