Problem: I have multiple firewall certificates to import to a machine's Trusted Root Certificate Authority store.
Solution: In my current role we use WatchGuard hardware firewalls, each of which has its own proxy authority certificate that needs importing to the Trusted Root Certificate Authority store on the local machine. On our domains this is easy to do with Group Policy, but an engineer's laptop, as a roaming machine off the domain, needs them installed manually. To make this easier than using the GUI we can use our trusted friend PowerShell.
Here is the script I wrote for it:

    # Options
    $Path = "C:\Firewall Certificates\"
    $Filetype = ".pem"

    # Read in files and set up counter
    $certFile = Get-ChildItem $Path | Where-Object { $_.Extension -eq $Filetype }
    $i = 0

    # Import loop (adding to LocalMachine\Root needs an elevated session)
    foreach ($file in $certFile)
    {
        # Load the certificate from its full path on disk
        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
        $cert.Import($file.FullName)
        # Open the machine-wide Trusted Root store, add the certificate, close it
        $store = New-Object System.Security.Cryptography.X509Certificates.X509Store("Root","LocalMachine")
        $store.Open("MaxAllowed")
        $store.Add($cert)
        $store.Close()
        Write-Host "Certificate" $file.Name "- IMPORTED SUCCESSFULLY!"
        $i++
    }

    Write-Host "--- Successfully imported: $i Certificates"

So first we set our certificate path location and file type for the certificate:

    $Path = "C:\Firewall Certificates\"
    $Filetype = ".pem"

Next we look in the path for all files of the specified type:

    $certFile = Get-ChildItem $Path | Where-Object { $_.Extension -eq $Filetype }

Then comes a simple foreach statement with a counter that increments after each addition. For each certificate file found, the loop imports the certificate to the correct location (the Trusted Root Certificate Authority store) and increments the counter, repeating until finished. Once a certificate is added, it writes to the host that it has done it correctly (Write-Host = bad I know, it serves a small purpose for me on this script), and finally it gives an indication of how many certificates were imported by printing the total count.

Script to add multiple certificates to the Trusted Root Certificate Authority store
Author:  Jonathan of
Version: 1.0.0
    # Options
    $Path = "C:\Certificates\"
    $Filetype = ".pem"
    # Read in files and set up counter
    $certFile = Get-ChildItem $Path | Where-Object { $_.Extension -eq $Filetype }
    $i = 0
    # Import Loop
    foreach ($file in $certFile)
    {
        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
        $cert.Import($file.FullName)
        $store = New-Object System.Security.Cryptography.X509Certificates.X509Store("Root","LocalMachine")
        $store.Open("MaxAllowed")
        $store.Add($cert)
        $store.Close()
        Write-Host "Certificate" $file.Name "- IMPORTED SUCCESSFULLY!"
        $i++
    }
    Write-Host "--- Successfully imported: $i Certificates"
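
Because anything placed in the Trusted Root store is trusted to vouch for any site, the following added example (not part of the original script) vets each file before importing it. The `$ExpectedThumbprints` values are placeholders and an assumption of this example: fill them with thumbprints confirmed out of band on each firewall.

```powershell
# Added example: vet each certificate before trusting it as a root CA.
# Writing to LocalMachine\Root needs an elevated PowerShell session.
$Path = "C:\Firewall Certificates\"
# Placeholders (assumption): thumbprints confirmed out of band on each firewall
$ExpectedThumbprints = @(
    "<THUMBPRINT-FIREWALL-1>",
    "<THUMBPRINT-FIREWALL-2>"
)

$store = New-Object System.Security.Cryptography.X509Certificates.X509Store("Root","LocalMachine")
$store.Open("ReadWrite")
$imported = 0
try {
    $files = Get-ChildItem $Path | Where-Object { $_.Extension -eq ".pem" }
    foreach ($file in $files) {
        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($file.FullName)
        $tp = $cert.Thumbprint

        # 1. Fail closed: the thumbprint must be on the allowlist
        if ($ExpectedThumbprints -notcontains $tp) {
            Write-Warning "$($file.Name): thumbprint $tp not in allowlist, skipped"
            continue
        }
        # 2. A root store entry should be a CA certificate (Basic Constraints CA = TRUE)
        $bc = $cert.Extensions | Where-Object {
            $_ -is [System.Security.Cryptography.X509Certificates.X509BasicConstraintsExtension] }
        if (-not $bc -or -not $bc.CertificateAuthority) {
            Write-Warning "$($file.Name): not a CA certificate, skipped"
            continue
        }
        # 3. The certificate must be inside its validity period
        $now = Get-Date
        if ($now -lt $cert.NotBefore -or $now -gt $cert.NotAfter) {
            Write-Warning "$($file.Name): outside validity period (expires $($cert.NotAfter)), skipped"
            continue
        }
        # 4. Do not re-add a certificate that is already in the store
        $findType = [System.Security.Cryptography.X509Certificates.X509FindType]::FindByThumbprint
        if ($store.Certificates.Find($findType, $tp, $false).Count -gt 0) {
            Write-Output "$($file.Name): already present, skipped"
            continue
        }
        $store.Add($cert)
        $imported++
        Write-Output "$($file.Name): imported, subject $($cert.Subject), thumbprint $tp"
    }
}
finally {
    $store.Close()   # always release the store handle, even if an import throws
}
Write-Output "--- Imported $imported certificate(s)"
```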

