none
WinPE .PFX Certificate Import - How to? RRS feed

  • Question

  • Hello.

    I have some older boot media that has been prestaged on a few drives that use an older certificate which has since been renewed and updated on the DPs and the newer boot media.

    Does anyone know of a way to import the new certificate pfx file into WinPE when booted into the older boot media? Is it safe to assume that if I was to import the new certificate before having the TS Wizard pull a policy from the server - that it would work? Otherwise I get an error, but I'm guessing that in theory if I was to import the new certificate to replace the one that is embedded in the boot media, that it would work. Also, which store does that certificate go into?

    Thanks for any help on this. I appreciate anyone taking the time.

    Sunday, December 6, 2015 12:28 AM

Answers

  • No. As you've noted, the cert is embedded in the media and thus the only path here is to re-create the media.

    Jason | http://blog.configmgrftw.com | @jasonsandys

    • Marked as answer by merophosis Friday, December 11, 2015 5:37 PM
    Sunday, December 6, 2015 12:46 AM

All replies

  • No. As you've noted, the cert is embedded in the media and thus the only path here is to re-create the media.

    Jason | http://blog.configmgrftw.com | @jasonsandys

    • Marked as answer by merophosis Friday, December 11, 2015 5:37 PM
    Sunday, December 6, 2015 12:46 AM
  • No. As you've noted, the cert is embedded in the media and thus the only path here is to re-create the media.

    Jason | http://blog.configmgrftw.com | @jasonsandys


    Ah ok. So something like certutil or pfximport won't help, right?

    I'm fine with your answer, just wanted to make sure - would be nice to use the remainder of these drives we have. I figured if I could drop the pfx file onto a USB drive and run a powershell script or some kind of script to import the cert and then proceed with the TS.

    Thanks for the reply!

    Sunday, December 6, 2015 12:58 AM
  • Certificate (and its private key) are stored in Variables.dat

    Sadly I never found a way to edit this encrypted file!

    Seb

    Monday, November 18, 2019 2:58 PM