Import Certificates to Trust Root Certificate Authority

Problem: I have multiple firewall certificates to import to a machine's trusted root certificate authority

Solution: In my current role we use Watchguard hardware firewalls, each of which has its own proxy authority certificate that needs importing to the Trusted Root Certificate Authority store on the local machine. On our domains this is easy to do with group policy, but as a roaming machine off the domain an engineer's laptop needs to have them installed manually. To make this easier than using the GUI we can use our trusted friend PowerShell.

Here is the script I wrote for it:

    # Options
    $Path = "C:\Firewall Certificates\"
    $Filetype = ".pem"

    # Find every file of the chosen type in the certificate folder
    $certFile = Get-ChildItem $Path | Where-Object {$_.Extension -eq $Filetype}
    $i = 0
    foreach ($file in $certFile)
        {
            # Load the certificate from disk using the file's full path
            $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
            $cert.Import($file.FullName)
            # Open the local machine Trusted Root store and add the certificate
            $store = New-Object System.Security.Cryptography.X509Certificates.X509Store("Root","LocalMachine")
            $store.Open("MaxAllowed")
            $store.Add($cert)
            $store.Close()
            Write-Host "Certificate" $file.Name "- IMPORTED SUCCESSFULLY!"
            $i++
        }

    Write-Host "--- Successfully imported: $i Certificates"

So first we set our certificate path location and file type for the certificate:

    $Path = "C:\Firewall Certificates\"
    $Filetype = ".pem"

Next we look into the path for all files of the specified type

    $certFile = Get-ChildItem $Path | Where-Object {$_.Extension -eq $Filetype}

Then a simple foreach statement with a counter that increments after each addition. For each certificate file found, the loop imports the certificate to the correct location (the Trusted Root Certificate Authority store) and increments the counter, repeating until finished. After each import it writes to the host that it has done it correctly (Write-Host = bad I know, it serves a small purpose for me on this script), and finally it gives an indication of how many certificates were imported by printing the total count.

    $certFile = Get-ChildItem $Path | Where-Object {$_.Extension -eq $Filetype}
    $i = 0
    foreach ($file in $certFile)
        {
            # Load the certificate from disk using the file's full path
            $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
            $cert.Import($file.FullName)
            # Open the local machine Trusted Root store and add the certificate
            $store = New-Object System.Security.Cryptography.X509Certificates.X509Store("Root","LocalMachine")
            $store.Open("MaxAllowed")
            $store.Add($cert)
            $store.Close()
            Write-Host "Certificate" $file.Name "- IMPORTED SUCCESSFULLY!"
            $i++
        }

    Write-Host "--- Successfully imported: $i Certificates"

You can download the script here:

Jonathan
