[THIN] Importing PFX Certificates into user profile

• From: Warren Simondson <caditc@xxxxxxxxxx>
• To: thin@xxxxxxxxxxxxx
• Date: Mon, 24 Jan 2011 12:17:50 +1100

I think I remember someone asking how to import PFX certificates into user 
profiles, whether they 
be mandatory, local or roaming. On a clean up of my utilities disk I found the 
following app from 
the old days that lets you automate the import of a certificate in the users 
private store.

The app can be download at:

 http://home.fnal.gov/~jklemenc/importpfx.html

It's call importpfx and it still works nicely for those scanarios if used in a 
logon script.

IMPORTPFX v1.0 Joe Klemencic 2002

Usage: importpfx.exe -f <filename.p12> -p <export passwd> -t USER|MACHINE -s 
<certstore> [-
r "Subject OU to remove" | -all]

This utility will import a PKCS12 certificate file (with a .p12 or .pfx 
extension) into the certificate 
store specified by the -s parameter.
The default behavior is to overwrite like certificates (if available). The -r 
"Subject OU" will remove 
all certificates matching the Subject CN
in from the CN in the PKCS12 file and the Subject OU set to the -r parameter.

PARAMETERS:
-f = PKCS12 filename
-p = Password to secure the private key with
-t = Store type (USER or MACHINE)
-s = The certificate store to import into (MY is a common param)

-r "Subject OU Text" = Delete all user certificates in which the Subject OU 
matches the -r "Subject 
OU Text" and the Subject CN matches the PKCS12 Subject CN
-r -all = Delete ALL user certificates in the <certstore>


Examples:
Import a PKCS12 file into the MY store, overwriting if allowed:
importpfs.exe -f x509.p12 -p "password" -t USER -s MY

Import a PKCS12 file into the local machine Testing store and delete any stored 
certificates with a 
Subject containing OU="Self-Signed CA":
importpfx.exe -f x509.p12 -p "" -t MACHINE -s Testing -r "Self-Signed CA"

Delete ALL certificates in the USER MY store:
importpfx.exe -t USER -s MY -r -all


-- 
Warren Simondson

Ctrl-Alt-Del IT Consultancy Pty Ltd

Website: http://www.ctrl-alt-del.com.au

************************************************
For Archives, RSS, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
//www.freelists.org/list/thin
Follow ThinList on Twitter
http://twitter.com/thinlist
************************************************

• References:
  • [THIN] Re: appsense mandatory profiles
    • From: Bruce Ricker
  • [THIN] Re: appsense mandatory profiles
    • From: Jon Wallace
  • [THIN] Re: appsense mandatory profiles
    • From: Bruce Ricker
  • [THIN] Re: appsense mandatory profiles
    • From: Andy Friar
  • [THIN] Re: appsense mandatory profiles
    • From: Bruce Ricker
  • [THIN] Re: appsense mandatory profiles
    • From: Andy Friar
  • [THIN] Re: appsense mandatory profiles
    • From: Bruce Ricker
  • [THIN] Re: appsense mandatory profiles
    • From: Bruce Ricker
  • [THIN] Re: appsense mandatory profiles
    • From: jeremy
  • [THIN] (no subject)
    • From: James Scanlon
  • [THIN] Settings Not saving
    • From: James Scanlon
  • [THIN] Re: Settings Not saving
    • From: Greg Reese
  • [THIN] Re: Settings Not saving
    • From: James Scanlon

Other related posts:

• » [THIN] Importing PFX Certificates into user profile - Warren Simondson

1. Home
2. thin
3. Archive
4. 01-2011

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---