Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

certificate import

Posted on 2014-02-17
12
Medium Priority
?
394 Views
Last Modified: 2014-02-20
hi,

need help,
i want to know is it possible to import certificate through script.
Certificate store is personal with private key.
I have tried few steps but it did not work, it giving me error.

Regards,
skumar.
0
Comment
Question by:Skumar_CCSA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
12 Comments
 
LVL 29

Expert Comment

by:becraig
ID: 39866701
You can probably do this through a two step process with certutil

 certutil -privatekey -p "pssword" -exportpfx subject c:\path-to-pfx\pfx-file.pfx
 certutil -f -p pssword -importpfx  c:\path-to-pfx\pfx-file.pfx

You can wrap that in any script you want.
0
 

Author Comment

by:Skumar_CCSA
ID: 39866714
thank you so much...
user will not have any access to do..
so each time when user log.. the exe/script file execute ..
it will import the certificate and overwrite..
target import folder will be c:\cert
can you please help me...i am trying this last two days...
nothing worked...
0
 
LVL 29

Expert Comment

by:becraig
ID: 39866720
ok so 2 questions:

1) where is the original certificate being exported from
2) You want to import this certificate to the user's certificate store  ?
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 

Author Comment

by:Skumar_CCSA
ID: 39866728
purpose of these cert for two factor authentication.
Originally is imported from the CA server througn CA web console
admin will install the client certificate during the laptop setup..

certificate is stored in Personal store.
0
 
LVL 29

Expert Comment

by:becraig
ID: 39866741
The assumption is the script will be running under the current user's context:
You will have to simply add this to your script.

certutil -f -user -p [password] -importpfx c:\cert\pfx-file.pfx

-user indicates you are importing to the current user's store
0
 

Author Comment

by:Skumar_CCSA
ID: 39866748
thank...
still not working..
i have attached the script that look to troubleshoot....
can you please let me know what i am doing mistake....
cert.vbs
cert-import.cmd
0
 
LVL 29

Accepted Solution

by:
becraig earned 1500 total points
ID: 39866810
Ok so I am not sure what you are trying to do with this line ?

for /F "delims=" %%f in (c:\scripts\logs\cert_name.log) do set cert_name=%%f >>%logpath% 2>&1

Also I am expecting you should be looking for cert names instead of just:
cert.pfx  ?


If this is a single certificate import then there is no need for all that extra copy to log - read log - output directory listing to log etc.

I think what you are trying to do is as below:
set logpath="C:\scripts\logs\cert_import.log"
set logdir="C:\scripts\logs"
dir /b C:\websys\EdgeClient > c:\scripts\logs\cert_name.log
echo %date% %time% Verify the certificates. >>%logpath%
findstr /I %computername% c:\scripts\logs\cert_name.log >>%logpath% 2>&1
if %errorlevel% NEQ 0 goto end
echo %date% %time% Import the certificate. >>%logpath%
for /F "delims=" %%f in (c:\scripts\logs\cert_name.log) do certutil -f -user -p "Aso!" -importpfx c:\websys\EdgeClient\%%f  >>>>%logpath% 2>&1
:end

rem Delete verify files
echo %date% %time% Delete verified files. >>%logpath%
del /f c:\scripts\logs\cert_name.log >>%logpath% 2>&1

exit

Open in new window

0
 

Author Comment

by:Skumar_CCSA
ID: 39866873
still have same issue...
you any sugg which can make it easier ...
all i need when user login ..the script should import the cert from IE personal certificate store to local drive c:\
thanks to help.
0
 

Author Comment

by:Skumar_CCSA
ID: 39866943
sorry....
want to import (install) client cert every logon event.
c:\cert is the certificate location.
whenever user logon it will install and overwrite the certificate..
pls help..
0
 
LVL 29

Expert Comment

by:becraig
ID: 39870740
Is this a single certificate or multiple certificates ?

Weill the filename always be known or will we have to search for it ?
0
 

Author Comment

by:Skumar_CCSA
ID: 39872013
File name single....
Computer host name and certificate will be same...
0
 

Author Comment

by:Skumar_CCSA
ID: 39875667
thanks.....
found the issue with cert names.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article helps those who get the 0xc004d307 error when trying to rearm (reset the license) Office 2013 in a Virtual Desktop Infrastructure (VDI) and/or those trying to prep the master image for Microsoft Key Management (KMS) activation. (i.e.- C…
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question