Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3802
  • Last Modified:

How to script the import of a .pfx certificate

I have a wildcard certificate and need to import it across 100+ machines. Is there a way I can do this. I looked at the certmgr.exe tool but did not see how to get this to run remotely on all machines. I had to install the SDk to get the tool.

There must be some way to do this but I cant seem to find any.


Thanks for any help
0
andrew_89
Asked:
andrew_89
  • 7
  • 6
1 Solution
 
redseatechnologiesCommented:
Hi andrew_89,

Others may have tidier solutions, but using certmgr in a login script would do the job.  Alternatively, you could use something like PSExec to run it remotely -> http://www.sysinternals.com/Utilities/PsExec.html

Hope that helps,

-red
0
 
andrew_89Author Commented:
Yes but doesnt the program have to be installed everywhere to use psexec. I mean I only have certmgr on one box.... and do you know what the correct syntax for certmgr is to do this.

These are all IIS boxes so how could I do a login script??
0
 
redseatechnologiesCommented:
Ahh, if they are servers, dont bother with a logon script.

I doubt you will need the program installed on each machine, but you will most likely need to have the .net framework installed (which it should be already).  Test it out - copy over certmgr.exe and any other obvious dlls (like certmgr.dll if it exists :))

Here are the command line switches for certmgr -> http://msdn2.microsoft.com/en-us/library/e78byta0.aspx

As to running this command, I am not sure as I have not done it with .pfx files

-red
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
andrew_89Author Commented:
I found this script:
Option Explicit
Dim iiscertobj, pfxfile, pfxfilepassword, InstanceName, WebFarmServers, IISServer
Set iiscertobj = WScript.CreateObject("IIS.CertObj")
pfxfile = WScript.Arguments(0)
pfxfilepassword = WScript.Arguments(1)
InstanceName = WScript.Arguments(2)
WebFarmServers = split(WScript.Arguments(3), ",")
iiscertobj.UserName = WScript.Arguments(4)
iiscertobj.UserPassword = WScript.Arguments(5)
For Each IISServer in WebFarmServers
  iiscertobj.ServerName = IISServer
  iiscertobj.InstanceName = InstanceName
  iiscertobj.Import pfxfile, pfxfilepassword, true, true
Next

but I keeo getting subscript out of range errors on line 9??? any idea on this one ??
0
 
redseatechnologiesCommented:
I assume you are talking about this -> http://technet2.microsoft.com/WindowsServer/en/library/f2ef3228-4a4b-4cc8-99cc-78784aa5890b1033.mspx?mfr=true

Are you following the instructions for running that?

Certimport.vbs cert.pfx pfxpassword w3svc/1 iisserver1,iisserver2,iisserver3 Administrator aal34290
0
 
andrew_89Author Commented:
Yes this is where I found it but I keep getting that error.
0
 
andrew_89Author Commented:
Okay now I followed it exaclty the way they wanted and receive the error below.

line 12
Invalid procedure call or argument
0
 
redseatechnologiesCommented:
what is the command you are running?
0
 
andrew_89Author Commented:
I think I see the issue.. This .p12 file that I am trying to import was generated without a passphrase so the variable pfxpassword is not being passed. If I try to remove that variable form being passed , a different error comes back:

Wrong number of arguments or invalid property assignment:


Certimport.vbs c:\test.p12    w3svc/1 iis02,iis13,iis12 administrator  password
0
 
redseatechnologiesCommented:
try entering "" as the password - or try to get the file with a password...
0
 
andrew_89Author Commented:
either way I get

 Invalid procedure call or argument

on line 12  (iiscertobj.Import pfxfile, pfxfilepassword, true, true)

Looks like I may have to do this thing manually .......
0
 
andrew_89Author Commented:
Oky I gotit working now. I just regenerated the key with a passphrase and passed that in. It works great thanks for your help as you got me on the right direction.
0
 
redseatechnologiesCommented:
Excellent, glad to hear you got it sorted

-red
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 7
  • 6
Tackle projects and never again get stuck behind a technical roadblock.
Join Now