Install-PACertificate.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
function Install-PACertificate {
    [CmdletBinding()]
    param(
        [Parameter(ValueFromPipeline)]
        [PSTypeName('PoshACME.PACertificate')]$PACertificate,
        [ValidateSet('LocalMachine','CurrentUser')]
        [string]$StoreLocation = 'LocalMachine',
        [string]$StoreName = 'My',
        [switch]$NotExportable
    )

    Process {

        if (-not $IsWindows -and 'Desktop' -ne $PSEdition) {
            Write-Warning "Install-PACertificate currently only works on Windows OSes"
            return
        }

        if (-not $PACertificate) {
            # try to get the certificate associated with the current order
            $PACertificate = Get-PACertificate

            if (-not $PACertificate) {
                throw "No certificate found for current order."
            }
        }

        Write-Verbose "Importing $($PACertificate.Subject) certificate to $StoreLocation\$StoreName."
        $importArgs = @{
            PfxFile = $PACertificate.PfxFullChain
            PfxPass = $PACertificate.PfxPass
            StoreLocation = $StoreLocation
            StoreName = $StoreName
            NotExportable = $NotExportable.IsPresent
        }
        Import-PfxCertInternal @importArgs
    }


    <#
    .SYNOPSIS
        Install a Posh-ACME certificate into a Windows certificate store.
 
    .DESCRIPTION
        This can be used instead of the -Install parameter on New-PACertificate to import a certificate with more configurable options.
 
    .PARAMETER PACertificate
        The PACertificate object you want to import. This can be retrieved using Get-PACertificate and is also returned from things like New-PACertificate and Submit-Renewal.
 
    .PARAMETER StoreLocation
        Either 'LocalMachine' or 'CurrentUser'. Defaults to 'LocalMachine'.
 
    .PARAMETER StoreName
        The name of the certificate store to import to. Defaults to 'My'. The store must already exist and will not be created automatically.
 
    .PARAMETER NotExportable
        If specified, the private key will not be marked as Exportable.
 
    .EXAMPLE
        Install-PACertificate
 
        Install the certificate for the currently selected order to the default LocalMachine\My store.
 
    .EXAMPLE
        Get-PACertificate example.com | Install-PACertificate
 
        Install the specified certificate to the default LocalMachine\My store.
 
    .EXAMPLE
        Install-PACertificate -StoreLocation 'CurrentUser' -NotExportable
 
        Install the certificate for the currently selected order to the CurrentUser\My store and mark the private key as not exportable.
 
    .LINK
        Project: https://github.com/rmbolger/Posh-ACME
 
    .LINK
        Get-PACertificate
    #>

}