Deploy ONE Certificate to MANY users’ personal cert stores

Problem

Using Group Policies, you can import Certificates of Root Authorities or other Trusted Certificates. It’s also possible to use auto enrollment to deploy Certificates to Users, if an internal enterprise CA is used to handle the requests. But you cannot deploy one single standalone Certificate with private key to many users.

Solution

This can only be done using a script, run via a GPO or from an existing login script, if there’s still one in place.

Code

Use this command to import a PKCS#12 file (*.pfx or *.p12) into the user’s Personal Certificate store.

certutil -importpfx -f -user -p "test" test.p12 NoRoot

Put your private key’s password after the “-p” parameter; in my example, the password was “test” and the PKCS#12 file is called test.p12.
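
A logon script built around the command above, as an added example that is not part of the original post: it skips the import when the certificate is already in the user's store and verifies the result afterwards. The share path and the thumbprint are hypothetical placeholders, and the NoExport modifier is an addition to the post's command.

```powershell
# Added example: logon-script wrapper around the certutil import shown above.
# Hypothetical values (not from the post): the share path and the thumbprint.
$PfxPath    = '\\fileserver.example\certs$\test.p12'
$PfxPass    = 'test'                               # password used in the post
$Thumbprint = '<THUMBPRINT-OF-YOUR-CERTIFICATE>'   # placeholder, fill in

function Test-CertInstalled {
    param([Parameter(Mandatory)][string]$Thumbprint)
    # Thumbprints copied from the certificate dialog often contain spaces
    # or an invisible leading character; keep hex digits only.
    $wanted = ($Thumbprint -replace '[^0-9A-Fa-f]', '').ToUpperInvariant()
    $match = Get-ChildItem -Path Cert:\CurrentUser\My |
        Where-Object { $_.Thumbprint -eq $wanted -and $_.HasPrivateKey }
    return [bool]$match
}

# Skip the import when the certificate and its key are already in place,
# so the script can safely run at every logon.
if (Test-CertInstalled -Thumbprint $Thumbprint) { exit 0 }

if (-not (Test-Path -LiteralPath $PfxPath)) {
    Write-Error "PKCS#12 file not reachable: $PfxPath"
    exit 1
}

# Same command as in the post, plus the NoExport modifier so the imported
# private key is not marked exportable in the user's store.
& certutil.exe -importpfx -f -user -p $PfxPass $PfxPath 'NoRoot,NoExport' | Out-Null
if ($LASTEXITCODE -ne 0) {
    Write-Error "certutil failed with exit code $LASTEXITCODE"
    exit $LASTEXITCODE
}

# Verify the result instead of trusting the exit code alone.
if (-not (Test-CertInstalled -Thumbprint $Thumbprint)) {
    Write-Error "Import reported success but certificate $Thumbprint was not found"
    exit 1
}
```

As in the post's command, the PKCS#12 password sits in clear text in the script, so read access to the script and the .p12 file should be limited to the users who are meant to receive the certificate.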
