locked
Import PFX Certificate on remote computers with script RRS feed

  • Question

  • Hello,

    I am struggleing to get this working.

    I have tried variations of Enter-PSSession and Invoke-Command. My current iteration is this:

    Invoke-Command -ComputerName $RDSH -ScriptBlock {
        Import-PFXCertificate -CertStoreLocation Cert:\LocalMachine\My -FilePath $using:CertPath -Password $using:CertPass
     }


    The variables $CertPath, $RDSH and $Certpass are retrieved earlier in the script. $CertPath as a string and $Certpass as a secure string. If I run the command locally with the same variables, the cert gets imported without issue. 

     I am getting the following error (times as many servers there are in $RDSH)

    The PFX file could not be found.
        + CategoryInfo          : NotSpecified: (:) [Import-PfxCertificate], FileNotFoundException
        + FullyQualifiedErrorId : System.IO.FileNotFoundException,Microsoft.CertificateServices.Commands.ImportPfxCertif 
       icate
        + PSComputerName        : s102.test.com

    Any tips?

    Friday, October 4, 2019 8:24 AM

Answers

  • Hi,

    Thanks for your reply.

    You can Pre-copy the pxf file using PSSession.

    For example:

    $session = New-PSSession -ComputerName $computerName
    Copy-Item -Path $CertPath -ToSession $session -Destination 'c:\windows\temp\test.pfx'
    
    Invoke-Command -Session $session -ScriptBlock {
        Import-PFXCertificate -CertStoreLocation Cert:\LocalMachine\My -FilePath 'c:\windows\temp\test.pfx' -Password $using:CertPass
    }
    Remove-PSSession $session

    Best regards,

    Lee


    Just do it.

    • Marked as answer by SveinS Friday, October 4, 2019 10:46 AM
    Friday, October 4, 2019 9:39 AM

All replies

  • Hi,

    Thanks for your question.

    Is $CertPath a local path or network path?

    If it is a local path, please check if there is a pxf file on the corresponding path on your remote computer.

    If it is a network path, it will cause a double hop authentication problem.

    Best regards,

    Lee


    Just do it.

    Friday, October 4, 2019 9:19 AM
  • Thank you for the reply. 

    Should have mentioned it before, $CertPath is a UNC path.

    What will be easier to do, copy the file locally first or solve the double hop auth issue?

    Friday, October 4, 2019 9:28 AM
  • Hi,

    Thanks for your reply.

    You can Pre-copy the pxf file using PSSession.

    For example:

    $session = New-PSSession -ComputerName $computerName
    Copy-Item -Path $CertPath -ToSession $session -Destination 'c:\windows\temp\test.pfx'
    
    Invoke-Command -Session $session -ScriptBlock {
        Import-PFXCertificate -CertStoreLocation Cert:\LocalMachine\My -FilePath 'c:\windows\temp\test.pfx' -Password $using:CertPass
    }
    Remove-PSSession $session

    Best regards,

    Lee


    Just do it.

    • Marked as answer by SveinS Friday, October 4, 2019 10:46 AM
    Friday, October 4, 2019 9:39 AM
  • Thank you! Works perfectly. 

    I ended up adding another line to create a folder on the destination servers first, then copy the certificate to that folder. 

    Friday, October 4, 2019 10:48 AM
  • Hi,

    I am glad to hear that your issue was successfully resolved.

    If there is anything else we can do for you, please feel free to post in the forum.

    Best regards,

    Lee


    Just do it.

    Monday, October 7, 2019 3:28 AM