New to this forum and new to PowerShell scripting. I am trying to build a script that will export a certificate from one system and import it to another. Here is the typical scenario…
We will have several systems (clients) that run software that require a certificate. The certificate is generated when one of the component services is installed.started. Our back office system communicates with these client system, but to do so, it requires the certificates from the clients to be imported into the certificates store.
The script runs on each client system. It checks to see if the .CER file has already been created. If not, it creates the cert and then attempts an Invoke-Command to the back office system with a scriptblock that does the following.
Import-Certificate -FilePath -CertStoreLocation cert:\CurrentUser\TrustedPeople
The error I receive back from the back office system is:
Access is denied. 0x80070005 (WIN32: 5 ERROR_ACCESS_DENIED)
+ CategoryInfo : NotSpecified: ( [Import-Certificate], Exception
+ FullyQualifiedErrorId : System.Exception,Microsoft.CertificateServices.Commands.ImportCe
+ PSComputerName : BACKOFFICE
Now if I go to the back office system and run the Import-Certificate command pointing to the .CER file on the client, it imports the certificate just fine.
I have done the Invoke-Command going from Client->BackOffice and from BackOffice->Client and both are able to execute commands remotely.
So, what might be casunig this “Access is Denied” error. I could always write another script that sits on the BackOffice system and runs the Import-Cert locally, but I’d really prefer that the clients push the certificate to the BackOffice system.
Thank In Advance for any help.