Forum Discussion
Install cert as admin for special user via windows admin center
Hi,
I try to install a cert, a website uses to auth the visit. That means I have to install it local and manually by logging into the user acc and install it under "CurrentUser\My". If I install it for the whole machine "LocalMachine\My" it will be ignored when I try to access the website (seems Chrome don't check these certs). Manually that works. But I want to make life easier using windows admin center. The problem is that I log into the machine with an admin account. When I navigate to cert, there is no option to import a cert for a special (different) user account. Is there a way to install it (maybe via powershell) for a special user without knowing his password? I mean - I'm the admin of that machine, I should be able to do that.
Thanks for any help!
- micheleariisSteel Contributor
Hi, in Windows Admin Center you cannot install certificates directly into another user's CurrentUser\My.
You can, however, use the PowerShell section to run a script that loads the user's log (NTUSER.DAT) and imports the certificate into its context.Example Script:
$certPath = “C:\path\to\certificate.pfx”
$password = ConvertTo-SecureString -String “password” -AsPlainText -Force
$userProfile = “C:\Users\<UserName>”reg load HKU\TempHive “$userProfile\NTUSER.DAT”
Import-PfxCertificate -FilePath $certPath -CertStoreLocation Cert:\HKU\TempHive\My -Password $password
reg unload HKU\TempHive- Credit12Copper Contributor
Sounds good, I'll try that next week :)
Do you also have a solution to delete the old expired cert? I think I can identify it via the fingerprint!?
- Credit12Copper Contributor
What does this mean:
$password = ConvertTo-SecureString -String “password” -AsPlainText -Force
Do I have to know the useres password?
- micheleariisSteel Contributor
No, you don't need to know the user's password. it refers to the password of the certificate file (such as a .pfx file)
- Credit12Copper Contributor
Unfortunately I get an error @ fifth line:
Import-PfxCertificate -FilePath $certPath -CertStoreLocation Cert:\HKU\TempHive\My -Password $password
->
Import-PFxCertificate: Der Pfad "Cert: \HKU\TempHive My" kann nicht gefunden werden, da er nicht vorhanden ist.
In Zeile:1 Zeichen:1
Import-PixCertificate -FilePath ScertPath -CertStoreLocation Cert: \HK...
+ CategoryInfo : ObjectNotFound: (Cert:\HKU\TempHive\My:String) [Import-PfxCertificate), ItemNotFoundException
+ FullyQualifiedErrorId: PathNotFound, Microsoft.CertificateServices.Commands. ImportPfxCertificateI think the problem is this: "Cert:\HKU\TempHive\My" The path seems not correct.