locked
Import-Certificate without confirmation (Ignore security warnings) RRS feed

  • Question

  • Hi,

    I want to import a self-signed certificate by using this command:

    Import-Certificate -Filepath "C:\folder\mycertificate.cer" -CertStoreLocation "cert:\CurrentUser\Root"

    But I get this security warning:

    I want to import the certificate without confirmation.
    Is it possible to ignore this warning?
    The parameter "-Confirm:$false" doesn't work.

    Thanks for help.


    Regards,
    Sven

    Tuesday, December 15, 2015 11:57 AM

Answers

  • -Confirm

    Prompts you for confirmation before running the cmdlet.

    Does not suppress windows dialogues.


    Dan

    • Proposed as answer by Elaine Jing Wednesday, December 16, 2015 6:44 AM
    • Marked as answer by Elaine Jing Friday, January 1, 2016 7:35 AM
    Tuesday, December 15, 2015 5:08 PM
  • I would expect the answer to this question is no.

    Think about the implications otherwise. What would be the point of having the security warning in the first place?


    • Proposed as answer by Elaine Jing Wednesday, December 16, 2015 6:44 AM
    • Marked as answer by Elaine Jing Friday, January 1, 2016 7:35 AM
    Tuesday, December 15, 2015 5:15 PM

All replies

  • -Confirm

    Prompts you for confirmation before running the cmdlet.

    Does not suppress windows dialogues.


    Dan

    • Proposed as answer by Elaine Jing Wednesday, December 16, 2015 6:44 AM
    • Marked as answer by Elaine Jing Friday, January 1, 2016 7:35 AM
    Tuesday, December 15, 2015 5:08 PM
  • I would expect the answer to this question is no.

    Think about the implications otherwise. What would be the point of having the security warning in the first place?


    • Proposed as answer by Elaine Jing Wednesday, December 16, 2015 6:44 AM
    • Marked as answer by Elaine Jing Friday, January 1, 2016 7:35 AM
    Tuesday, December 15, 2015 5:15 PM
  • Hi,

    Is there actually a solution for this?

    I can see the validity in running these commands fully automated via powershell as its not viable to manually click YES to a popup that you are trying to get added in the first place.

    I would very much like to see a solution for this issue.

    Cheers

    Mark

    Monday, June 20, 2016 2:00 PM
  • The solution is to click the button and move on with life. If you want no intervention, use a real certificate and deploy it with GP.

    Monday, June 20, 2016 2:47 PM
  • I had this problem today and this (previously unhelpful) thread was the first thing that came up in my search. With some more google-fu I found a way to achieve it, although it adds it to the local machine, and not the user's certificates.

    The following PowerShell script can be used to add a certificate into the LocalMachine store without a prompt. It needs to be run as administrator.

    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("C:\folder\mycertificate.cer")
    $rootStore = Get-Item cert:\LocalMachine\Root
    $rootStore.Open("ReadWrite")
    $rootStore.Add($cert)
    $rootStore.Close()

    References
    http://help.appveyor.com/discussions/questions/976-is-there-an-appveyor-self-signed-trusted-certificate-on-the-build-vm-for-testing-ssl 
    https://social.technet.microsoft.com/Forums/en-US/8e016573-9191-4152-8c4e-b74d739f5894/powershell-to-add-a-certificate-to-trusted-root-certification-authorities?forum=winserverpowershell



    Wednesday, April 5, 2017 10:50 AM
  • Mathew,

    Thanks for posting your answer. I was facing the same issue today about two hours after you updated this post.

    Much appreciated!!

    Wednesday, April 5, 2017 1:09 PM
  • You can also use: certutil -addstore "Root" "RootCA.cer"   in your powershell script. 
    Thursday, November 15, 2018 6:10 PM