Share via


Push certificates on remote machines with SCCM

Question

Sunday, April 15, 2018 10:42 PM

I need to push certificate(.cert) on remote machines, I tried with .bat file thru SCCM but its not taking remote path

Is there a way to push it thru SCCM package ?

All replies (10)

Tuesday, April 17, 2018 7:13 PM âś…Answered

Hey 

Finally I found the fix.Here is the fix

certutil.exe -addstore -User   "Intermediate Certification Authorities" "%~dp0wsa.crt"


Monday, April 16, 2018 2:29 AM

Define "push"? What kind of certificate? Where are you "pushing" it to?

https://home.configmgrftw.com/certificate-deployment-with-configmgr/ may help depending on exactly what you want to do.

Jason | https://home.configmgrftw.com | @jasonsandys


Monday, April 16, 2018 3:54 AM | 1 vote

Hi,

Have you tried creating a GPO and adding a certificate file to it?

Jorgen wrote a blog post that uses certutil, you can refer to http://ccmexec.com/2011/06/system-center-updates-publisher-and-osd/

Reference: https://social.technet.microsoft.com/Forums/azure/en-US/fc1421fd-4901-496d-b709-79934e1cc687/certificate-deployment-from-sccm-2012-cer-file?forum=configmanagerdeployment

Best Regards,

Lorry

Please remember to mark the replies as answers if they help. If you have feedback for TechNet Subscriber Support, contact [email protected].


Monday, April 16, 2018 10:25 AM

Thank you for the reply
we need to push/import .cert with SCCM only


Monday, April 16, 2018 2:12 PM | 1 vote

That still doesn't answer the questions though.

.cert is a not a cert type, it's file type that contains a cert.

Thus, my questions above still stand, what kind of cert are you wanting to deploy and where are you wanting to deploy it? And of course, have you read the blog post I linked to?

Jason | https://home.configmgrftw.com | @jasonsandys


Monday, April 16, 2018 4:06 PM

.crt type is security certificate


Monday, April 16, 2018 4:08 PM

No, as noted, .crt is a type of file, not a type of certificate.

Jason | https://home.configmgrftw.com | @jasonsandys


Monday, April 16, 2018 6:58 PM

ok ..exported and imported as .cer but its not installing on remote machine 


Monday, April 16, 2018 7:03 PM

We can't help you though because we still don't know what type of certificate this is or where you are trying to import it?

Jason | https://home.configmgrftw.com | @jasonsandys


Monday, April 16, 2018 7:09 PM

I've gone that route and attempted to push out a PowerShell script built around the Import-Certificate module as described in one of the blog posts here on TechNet.

But in reality I gave up on that and went with a GPO as soon as I saw how easily it was to manage more than one.  It gives you a nice list to keep track of the certs you import, and is just as effective and possibly easier to set up.  Just go with the GPO and be done with it.