Public/Install-PfxCert.ps1
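#Requires -Modules PKI
#Requires -RunAsAdministrator

function Install-PfxCert {
    <#
    .SYNOPSIS
    Installs a PFX file into Cert:\LocalMachine\My unless a certificate with the
    same thumbprint is already present there.

    .DESCRIPTION
    The PFX is first opened in memory only to read its thumbprint. The LocalMachine\My
    store is then searched for that thumbprint. If it is found, the matching entries
    are written to the pipeline and nothing is installed; otherwise the file is
    imported with Import-PfxCertificate and the private key is marked exportable.

    .PARAMETER Path
    Path to the PFX file. Must exist (validated with Test-Path).

    .PARAMETER Password
    Password protecting the PFX, as a SecureString. When omitted, a fallback value
    that is hard-coded in this file is used.

    .OUTPUTS
    Either the matching certificates (PSParentPath, Subject, Thumbprint, HasPrivateKey)
    or whatever Import-PfxCertificate returns.
    #>
    param(
        [ValidateScript( {Test-Path $_})]
        [string]$Path,

        # NOTE(security): this default is a plaintext password embedded in source, so it
        # protects nothing for any PFX that relies on it. It is kept only so existing
        # callers keep working; callers should always pass -Password explicitly.
        [securestring]$Password = (ConvertTo-SecureString -String 'temp1234' -AsPlainText -Force)
    )

    if (-not $PSBoundParameters.ContainsKey('Password')) {
        Write-Warning 'No -Password supplied; using the fallback password hard-coded in Install-PfxCert.'
    }

    # .NET resolves relative paths against the process working directory, not the
    # current PowerShell location, so hand X509Certificate2 an absolute path.
    $fullPath = (Resolve-Path -Path $Path).ProviderPath

    # This object is only used to read the thumbprint. PersistKeySet and Exportable are
    # deliberately NOT requested here: with PersistKeySet the private key would be
    # written permanently to the machine key store on every call, in addition to the
    # copy that Import-PfxCertificate creates below, and nothing would ever remove it.
    $KeyStorageFlags = [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::MachineKeySet
    Write-Verbose ('Key storage flags is: {0}' -f $KeyStorageFlags);

    $pfxInfo = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
    $pfxInfo.Import($fullPath, $Password, $KeyStorageFlags)
    $pfxThumbprint = $pfxInfo.Thumbprint
    # Release the certificate handle so the temporary key material from the probe
    # import does not outlive this function.
    $pfxInfo.Reset()

    $pfxCerts = Get-ChildItem -Path Cert:\LocalMachine\My -Recurse |
        Where-Object { $_.PSisContainer -eq $false -and $_.Thumbprint -eq $pfxThumbprint }

    $pfxCertInstalled = $false
    if ($pfxCerts) {
        Write-Host "Found $($pfxCerts.Count) certs"
        $pfxCerts | Select-Object -Property PSParentPath, Subject, Thumbprint, HasPrivateKey

        # Only an entry that sits directly in LocalMachine\My counts as "installed".
        $pfxCert = $pfxCerts | Where-Object { $_.PSParentPath -like '*LocalMachine\My' }
        if ($pfxCert) {
            $pfxCertInstalled = $true
        }
    }

    if (!$pfxCertInstalled) {
        Write-Host "Installing Certificate $Path"
        # -Exportable lets any principal with access to the machine key export the
        # private key later; this matches the original behaviour.
        Import-PfxCertificate -FilePath $Path -CertStoreLocation Cert:\LocalMachine\My -Exportable -Password $Password
    }
    else {
        Write-Host "Certificate already installed '$Path'"
    }
}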