locked
Push certificates on remote machines with SCCM RRS feed

  • Question

  • I need to push certificate(.cert) on remote machines, I tried with .bat file thru SCCM but its not taking remote path

    Is there a way to push it thru SCCM package ?

    Sunday, April 15, 2018 10:42 PM

Answers

  • Hey 

    Finally I found the fix.Here is the fix

    certutil.exe -addstore -User   "Intermediate Certification Authorities" "%~dp0wsa.crt"

    • Marked as answer by Yuvan14 Tuesday, April 17, 2018 7:55 PM
    Tuesday, April 17, 2018 7:13 PM

All replies

  • Define "push"? What kind of certificate? Where are you "pushing" it to?

    https://home.configmgrftw.com/certificate-deployment-with-configmgr/ may help depending on exactly what you want to do.


    Jason | https://home.configmgrftw.com | @jasonsandys

    • Proposed as answer by Lorry Luo Monday, April 16, 2018 3:54 AM
    Monday, April 16, 2018 2:29 AM
  • Hi,

    Have you tried creating a GPO and adding a certificate file to it?

    Jorgen wrote a blog post that uses certutil, you can refer to http://ccmexec.com/2011/06/system-center-updates-publisher-and-osd/

    Reference: https://social.technet.microsoft.com/Forums/azure/en-US/fc1421fd-4901-496d-b709-79934e1cc687/certificate-deployment-from-sccm-2012-cer-file?forum=configmanagerdeployment

    Best Regards,

    Lorry


    Please remember to mark the replies as answers if they help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Proposed as answer by Pear.Tree Monday, April 16, 2018 7:10 PM
    Monday, April 16, 2018 3:54 AM
  • Thank you for the reply
    we need to push/import .cert with SCCM only
    Monday, April 16, 2018 10:25 AM
  • That still doesn't answer the questions though.

    .cert is a not a cert type, it's file type that contains a cert.

    Thus, my questions above still stand, what kind of cert are you wanting to deploy and where are you wanting to deploy it? And of course, have you read the blog post I linked to?


    Jason | https://home.configmgrftw.com | @jasonsandys

    Monday, April 16, 2018 2:12 PM
  • .crt type is security certificate
    Monday, April 16, 2018 4:06 PM
  • No, as noted, .crt is a type of file, not a type of certificate.

    Jason | https://home.configmgrftw.com | @jasonsandys

    Monday, April 16, 2018 4:08 PM
  • ok ..exported and imported as .cer but its not installing on remote machine 
    Monday, April 16, 2018 6:58 PM
  • We can't help you though because we still don't know what type of certificate this is or where you are trying to import it?

    Jason | https://home.configmgrftw.com | @jasonsandys

    Monday, April 16, 2018 7:03 PM
  • I've gone that route and attempted to push out a PowerShell script built around the Import-Certificate module as described in one of the blog posts here on TechNet.

    But in reality I gave up on that and went with a GPO as soon as I saw how easily it was to manage more than one.  It gives you a nice list to keep track of the certs you import, and is just as effective and possibly easier to set up.  Just go with the GPO and be done with it. 

    Monday, April 16, 2018 7:09 PM
  • Hey 

    Finally I found the fix.Here is the fix

    certutil.exe -addstore -User   "Intermediate Certification Authorities" "%~dp0wsa.crt"

    • Marked as answer by Yuvan14 Tuesday, April 17, 2018 7:55 PM
    Tuesday, April 17, 2018 7:13 PM