Good evening,
I have been struggling with this for a week now and so I turn to you good people.
I am trying to import a PFX to 140+ servers, all of which are Server 2012 R2. I am a local admin on all the boxes and have confirmed that if I import it the old-fashioned way or using CERTUTIL one at a time it works. Ideally I would like to write a script which allows me to import it to all 140+ servers at once. I have googled the hell out of this, I have a reddit (https://www.reddit.com/r/PowerShell/comments/5bos5a/importing_a_pfx/) and to date nothing has worked. I really hope that someone here can help me out, please.
Again, thank you for your time.
This is a basic script tested against one computer (I only have a small lab). It should be enough to get you started.
$servers = Get-Content 'C:\servers.txt'
$certpath = '\\fileserver\certshare\test.pfx'
$password = 'password' | ConvertTo-SecureString -AsPlainText -Force
foreach ($server in $servers) {
    # Copy the PFX from the share to the server's admin share (C:\temp must exist)
    Copy-Item -Path $certpath -Destination "\\$server\c$\temp\"
    # Import the local copy on the remote server; $using: passes the local variable in
    Invoke-Command -ComputerName $server -ScriptBlock {
        Import-PfxCertificate -FilePath 'C:\temp\test.pfx' -CertStoreLocation 'Cert:\CurrentUser\TrustedPublisher' -Password $using:password
    }
}
Thank you so much for your reply. I am definitely one step closer as I now get this error instead:
The system cannot find the file specified. 0x80070002 (WIN32: 2 ERROR_FILE_NOT_FOUND). This may be the result of user credentials being required on the remote machine. See Enable-WSManCredSSP Cmdlet help on how to enable and use
CredSSP for delegation with PowerShell remoting.
+ CategoryInfo : NotSpecified: (
[Import-PfxCertificate], Exception
+ FullyQualifiedErrorId : RemotingFailure,Microsoft.CertificateServices.Commands.ImportPfxCertificate
+ PSComputerName :
That sounds like the second hop problem which was described in the reddit thread.
Please post a copy of the script you’re running so that we can see how you modified what I posted. You should change passwords and server names but don’t change network paths to local paths if they’re not local paths in your script.
I think I only changed the variables. I tried both with a network path to the file and local to the machine I am running it from. I am still very confused on the double hop part. Not sure how to use the variables.
$servers = Get-Content 'C:\cert\Serevrs.txt'
$certpath = 'LOCATION OF PFX BOTH NETWORK OR LOCAL'
$password = 'PASSWORD' | ConvertTo-SecureString -AsPlainText -Force
foreach ($server in $servers) {
    Copy-Item -Path $certpath -Destination "\\$server\c$\temp\" -Force
    Invoke-Command -ComputerName $server -ScriptBlock {
        Import-PfxCertificate -FilePath 'C:\temp\test.pfx' -CertStoreLocation 'Cert:\CurrentUser\TrustedPublisher' -Password $using:password
    }
}
So I got it working. Thank you for your help, I truly appreciate it.
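
One way to keep the file share out of the remote session altogether, which is where a second hop would occur: read the PFX locally and send its bytes through the remoting session. This is an added example, not code from any poster in the thread; the paths and store are the thread's placeholders, the password prompt and per-server result table are assumptions, and it does not claim to be the fix the original poster ended up using.

```powershell
# Added example: paths and store reuse the thread's placeholders.
$servers  = Get-Content 'C:\servers.txt'
$certPath = '\\fileserver\certshare\test.pfx'
$store    = 'Cert:\CurrentUser\TrustedPublisher'   # store used in the thread

# Prompt for the PFX password so it is never written into the script file.
$password = Read-Host -Prompt 'PFX password' -AsSecureString

# Read the PFX once, on the local machine, where your credentials are valid.
# The remote sessions never have to authenticate to the file share.
$pfxBytes = [System.IO.File]::ReadAllBytes($certPath)

$results = foreach ($server in $servers) {
    try {
        $thumb = Invoke-Command -ComputerName $server -ErrorAction Stop `
            -ArgumentList $pfxBytes, $password, $store -ScriptBlock {
            param([byte[]]$Bytes, [securestring]$Pw, [string]$StorePath)

            # Write to a uniquely named temp file and always delete it,
            # so no copy of the private key is left on the server's disk.
            $tmp = Join-Path $env:TEMP ([guid]::NewGuid().ToString() + '.pfx')
            try {
                [System.IO.File]::WriteAllBytes($tmp, $Bytes)
                (Import-PfxCertificate -FilePath $tmp -CertStoreLocation $StorePath `
                    -Password $Pw -ErrorAction Stop).Thumbprint
            }
            finally {
                Remove-Item -LiteralPath $tmp -Force -ErrorAction SilentlyContinue
            }
        }
        [pscustomobject]@{ Server = $server; Imported = $true; Detail = $thumb }
    }
    catch {
        # Record the failure and continue with the remaining servers.
        [pscustomobject]@{ Server = $server; Imported = $false; Detail = $_.Exception.Message }
    }
}

# Failures sort first so they are easy to spot across 140+ servers.
$results | Sort-Object Imported, Server | Format-Table -AutoSize
```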