Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Sunday, April 15, 2018 10:42 PM
I need to push certificate(.cert) on remote machines, I tried with .bat file thru SCCM but its not taking remote path
Is there a way to push it thru SCCM package ?
All replies (10)
Tuesday, April 17, 2018 7:13 PM âś…Answered
Hey
Finally I found the fix.Here is the fix
certutil.exe -addstore -User "Intermediate Certification Authorities" "%~dp0wsa.crt"
Monday, April 16, 2018 2:29 AM
Define "push"? What kind of certificate? Where are you "pushing" it to?
https://home.configmgrftw.com/certificate-deployment-with-configmgr/ may help depending on exactly what you want to do.
Jason | https://home.configmgrftw.com | @jasonsandys
Monday, April 16, 2018 3:54 AM | 1 vote
Hi,
Have you tried creating a GPO and adding a certificate file to it?
Jorgen wrote a blog post that uses certutil, you can refer to http://ccmexec.com/2011/06/system-center-updates-publisher-and-osd/
Best Regards,
Lorry
Please remember to mark the replies as answers if they help. If you have feedback for TechNet Subscriber Support, contact [email protected].
Monday, April 16, 2018 10:25 AM
Thank you for the reply
we need to push/import .cert with SCCM only
Monday, April 16, 2018 2:12 PM | 1 vote
That still doesn't answer the questions though.
.cert is a not a cert type, it's file type that contains a cert.
Thus, my questions above still stand, what kind of cert are you wanting to deploy and where are you wanting to deploy it? And of course, have you read the blog post I linked to?
Jason | https://home.configmgrftw.com | @jasonsandys
Monday, April 16, 2018 4:06 PM
.crt type is security certificate
Monday, April 16, 2018 4:08 PM
No, as noted, .crt is a type of file, not a type of certificate.
Jason | https://home.configmgrftw.com | @jasonsandys
Monday, April 16, 2018 6:58 PM
ok ..exported and imported as .cer but its not installing on remote machine
Monday, April 16, 2018 7:03 PM
We can't help you though because we still don't know what type of certificate this is or where you are trying to import it?
Jason | https://home.configmgrftw.com | @jasonsandys
Monday, April 16, 2018 7:09 PM
I've gone that route and attempted to push out a PowerShell script built around the Import-Certificate module as described in one of the blog posts here on TechNet.
But in reality I gave up on that and went with a GPO as soon as I saw how easily it was to manage more than one. It gives you a nice list to keep track of the certs you import, and is just as effective and possibly easier to set up. Just go with the GPO and be done with it.