Import-PfxCertificate on remote machines

Welcome Forums General PowerShell Q&A Import-PfxCertificate on remote machines

Viewing 2 reply threads
  • Author
    Posts
    • #249596
      Participant
      Topics: 2
      Replies: 2
      Points: 35
      Rank: Member

      Hello all.  I am working on trying to be able to automate the installation of mutual authentication certificates to a service account user store for an application that I support.  When I try and enter a PSSession on the remote machine as the service account, PowerShell looks like it does it’s thing, but the certificate is never installed.

      This is the code I’m trying to run:

      PS C:\WINDOWS\system32> Enter-PSSession -ComputerName remotemachine -Credential $cred
      [remotemachine]: PS C:\Users\serviceaccount\Documents> Import-PfxCertificate -FilePath C:\temp\mutualauth.pfx -Password (ConvertTo-SecureString “password” -AsPlainText -Force) -CertStoreLocation Cert:\CurrentUser\my
      [remotemachine]: PS C:\Users\serviceaccount\Documents>

      As you can see, the command completes without error.  If I log into the remote machine and run Enter-PSSession -ComputerName localhost-Credential $cred I am able to run that import without any issues.

      I have also tried to run it through Invoke-Command -ComputerName remotemachine -Credential $cred -ScriptBlock and get the same result.  Any ideas why the certificate fails to import if the .pfx is on the remote machine and the code being invoked is on a remote machine?

    • #249701
      Participant
      Topics: 15
      Replies: 1776
      Points: 3,218
      Helping Hand
      Rank: Community Hero

      Take a look at the below, it looks like it might have something to do .NET permissions:

      https://stackoverflow.com/questions/33392340/powershell-how-to-install-a-pfx-certificate-on-a-remote-computer-in-currentuse

    • #249743
      Participant
      Topics: 2
      Replies: 2
      Points: 35
      Rank: Member

      Thanks for the info!

      Sounds like something I have been saying to the developers for a LONG time.  Stop writing your code to run in user space…

Viewing 2 reply threads
  • You must be logged in to reply to this topic.