Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Install certificate with PowerShell on remote server

Tags:

powershell

certificate

I want to install a certificate (X.509) created with makecert.exe on a remote server. I am not able to use psexec or something like that but have to use PowerShell.

  • Server operating system: Windows Server 2008 R2
  • PowerShell version: 4

Question: How to install a certificate with PowerShell on a remote server.

like image 356
D.R. Avatar asked Jan 22 '14 09:01

D.R.

2 Answers

Scenario: ServerA has the SSL cert, ServerB would like the SSL cert imported

  1. define two variables (ServerB only):

    $afMachineName = "SomeMachineNameOrIp"
$certSaveLocation = "c:\temp\Cert.CER"

  2. enable trust on both machines (ServerA & ServerB):

    Function enableRemotePS() {
    Enable-PSRemoting -Force
    Set-Item wsman:\localhost\client\trustedhosts $afMachineName -Force
    Restart-Service WinRM
}

  3. Save the certificate (ServerB only):

    Function saveCert([string]$machineName,[string]$certSaveLocation) {
    Invoke-Command -ComputerName $machineName -ArgumentList $certSaveLocation -ScriptBlock {
        param($certSaveLocation)
        $cert = dir Cert:\LocalMachine\Root | where {$_.Subject -eq "CN=YOURCERTNAME" };
        $certBytes = $cert.Export("cert");
        [system.IO.file]::WriteAllBytes($certSaveLocation, $certBytes);
    }

    Copy-Item -Path \\$machineName\c$\temp\CertAF.CER -Destination $certSaveLocation
}

  4. Import the certificate (ServerB only)

    Function importCert([string]$certSaveLocation) {
    $CertToImport = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $certSaveLocation

    $CertStoreScope = "LocalMachine"
    $CertStoreName = "Root"
    $CertStore = New-Object System.Security.Cryptography.X509Certificates.X509Store $CertStoreName, $CertStoreScope

    # Import The Targeted Certificate Into The Specified Cert Store Name Of The Specified Cert Store Scope
    $CertStore.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)
    $CertStore.Add($CertToImport)
    $CertStore.Close()
}
like image 109
xx1xx Avatar answered Oct 30 '22 16:10

xx1xx

To import a PFX file you can use Import-PfxCertificate, for example

Import-PfxCertificate -FilePath YOUR_PFX_FILE.pfx -Password (ConvertTo-SecureString -String "THE_PFX_PASSWORD" -AsPlainText -Force)

To do this on a remote computer, you can use Invoke-Command -ComputerName (and use an UNC path for the PFX file).

like image 4
ulrichb Avatar answered Oct 30 '22 17:10

ulrichb
Sign in to Comment

Related questions

PowerShell script to get network card speed of a Windows Computer
How to start a script at a specified point in Powershell
Powershell: get-date & [datetime]::FromFileTime returns different values
Output a hashtable of Arrays in Powershell
Powershell Progress Bar in Windows Forms
Disable Automatic Updates with PowerShell
Get Cached Credentials in PowerShell from Windows 7 Credential Manager
How to grep SQL Server stored procedures?
Where does Windows PowerShell set $profile?
Using Powershell to find multi-line patterns in files
Reference command name with dashes
How to trust a certificate in Windows Powershell
Getting different results using the pipeline with functions
Powershell - notMatch
Powershell Invoke-Command Remove-Item Remote Server
Export to CSV and view output on the screen
How to Pass PSCredential object from C# code to Powershell Function
Setting a website's application pool in IIS using Powershell
Filtering multiple users with get-aduser
Cannot find property on object that exists

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!