Search This Blog

Monday, July 18, 2011

Installing multiple certificates to specific stores on remote machines

I won’t go into how I loop through and pass the commands to remote servers as I do that in this article. All I do he is add more certutil info, and also some info about navigating the certificate store from within powershell.

So in my case I needed to import a certificate into the Intermediate Certification Authorities Store. Now I knew I could use this command

Certutil –f –addstore <store Name> <intermediate CA name>.crt

However I needed to know the programmatic name for the store (not the one nicely listed in windows), in the end I worked it out but using PowerShell and the cert: drive. Browsing around until I came across some certificates that I knew where in the store.

As it turns out the CA store is the “Intermediate Certification Authorities” store. So the command will be

Certutil –f –addstore CA <intermediate CA name>.crt

Powershell: Cert Drive

Within PowerShell you can actual change to a directory called cert:, this is in fact a representation of the certificate store. (example below

PS C:> cd cert:

PS cert:

Location : CurrentUser
StoreNames : {SmartCardRoot
, UserDS, AuthRoot, CA...}

Location : LocalMachine
StoreNames : {SmartCardRoot
, AuthRoot, CA, Trust...}

PS cert:
>cd localmachine

PS cert:
\localmachine> dir

Name : SmartCardRoot

Name : AuthRoot

Name : CA

Name : Trust

Name : Disallowed

Name : My

Name : Root

Name : TrustedPeople

Name : TrustedDevices

Name : Remote Desktop

Name : TrustedPublisher



No comments:

Post a Comment