Forum Discussion
Solved
Deploy Windows 11 device certificate with password through Intune
I am using configuration profile to push device cert through Intune and get the cert installed. I am not sure how would I do it for a CERT that has a password. I was trying using OMA-URI custom p...
- Nice, if it works.. Share 😊
C:\Users\HarmVeenstra> $password = ConvertTo-SecureString -String "123" -AsPlainText -Force
C:\Users\HarmVeenstra> Import-PfxCertificate -FilePath D:\temp\test.pfx -Password $password -CertStoreLocation Cert:\CurrentUser\My -Exportable:$false
works for me when importing a pfx file with a password of 123 for example
C:\Users\HarmVeenstra> Import-PfxCertificate -FilePath D:\temp\test.pfx -Password $password -CertStoreLocation Cert:\CurrentUser\My -Exportable:$false
works for me when importing a pfx file with a password of 123 for example
I missed the - before AsPlainText
Import-pfxcertificate : The PFX file you are trying to import requires either a different password or membership in an Active Directory Principal to which it is protected.
Googling this I came across 2 things
Try surrounding the plain text password with single quotes instead of double quotes. I had a password with $ in it that gave me the same error until I swapped the quotes.
With Single quote I get 0x8007005 E_ACCESSDENIED
- Any update?
- You can see that in the properties of the certificate in your certificate store on the second tab
- Yes, that is what I thought and another one I am reading is about importing a TripleDES-SHA1 -encrypted certificate works as expected than importing am AES256-SHA256. I am not sure what is mine, is there a way to check that? This I am reading in an article in GitHub
https://github.com/dscommunity/CertificateDsc/issues/153 - Looks good to me... Doing the same steps here just works... Could you export the certificate with a less complex password to avoid having to escape certain characters?
- $SecurePassword = ConvertTo-SecureString -String "Password" -AsPlainText -Force
Import-pfxcertificate -FilePath C:\Temp\Cert.pfx -Exportable:$false -Password $SecurePassword -CertStoreLocation Cert:\LocalMachine\My - How does the script look like now?
- I am running this on the local machine as the Powershell script did not run so testing it first on the local machine importing it and running it as local admin
- Are you running it as admin and importing it into the LocalMachine store?