Forum Discussion

oryxway's avatar
oryxway
Iron Contributor
Mar 01, 2023
Solved

Installing certificate

I want to import a .pfx device certificate to Personal\Certificate location as a local machine. Next, I want to make sure that I do not want to expose this certificate for compromise. Currently, I am...
Intune
  • Harm_Veenstra's avatar
    Harm_Veenstra
    Mar 01, 2023

    Just put the PFX file and the install.cmd plus a uninstall.cmd in one directory and create a Win32 package.

    You can use this as install.cmd
    powershell.exe -executionpolicy bypass .\install.ps1

    The install.ps1 file contains:
    import-pfxcertificate -FilePath .\certificate.pfx -Exportable:$false -Password '123123' -CertStoreLocation Cert:\CurrentUser\My

    the uninstall.cmd file contains the following:
    powershell.exe -executionpolicy bypass .\uninstall.ps1

    The uninstall.ps1 file contains the following:
    Get-Childitem -Path Cert:CurrentUser\My | Where-Object Subject -Match 'yoursubjectname' | Remove-Item -Force:$true

    Use a detection.ps1 containing:
    If (Get-Childitem -Path Cert:CurrentUser\My | Where-Object Subject -Match 'yoursubjectname') {
    Write-Host ("Certificate yoursubjectname found")
    exit 0
    }
    else {
    Write-Host ("Certificate yoursubjectname not found")
    exit 1
    }

    Set the scope to User and test it 🙂 (Because I didn't 😛 )

Harm_Veenstra's avatar
Harm_Veenstra
MVP
Mar 01, 2023

Just put the PFX file and the install.cmd plus a uninstall.cmd in one directory and create a Win32 package.

You can use this as install.cmd
powershell.exe -executionpolicy bypass .\install.ps1

The install.ps1 file contains:
import-pfxcertificate -FilePath .\certificate.pfx -Exportable:$false -Password '123123' -CertStoreLocation Cert:\CurrentUser\My

the uninstall.cmd file contains the following:
powershell.exe -executionpolicy bypass .\uninstall.ps1

The uninstall.ps1 file contains the following:
Get-Childitem -Path Cert:CurrentUser\My | Where-Object Subject -Match 'yoursubjectname' | Remove-Item -Force:$true

Use a detection.ps1 containing:
If (Get-Childitem -Path Cert:CurrentUser\My | Where-Object Subject -Match 'yoursubjectname') {
Write-Host ("Certificate yoursubjectname found")
exit 0
}
else {
Write-Host ("Certificate yoursubjectname not found")
exit 1
}

Set the scope to User and test it 🙂 (Because I didn't 😛 )

oryxway's avatar
oryxway
Iron Contributor
Mar 01, 2023
Thanks Harm. I think this should do, as I am testing now. But, the detection.ps1 I cannot use it as a file in Intune when I am creating the Apps, it is either MSI, Registry or File/Folder. So, if I select file and use detection.ps1 then it errors. How can we use the .PS1 with this detection script? Also when you say "Your Subject Name" it means my registry entry.