
Prerequisites

  • Ensure the signed certificate file is on, or accessible by, the system that created the original certificate request

Install the certificate request 

  1. Sign in to the computer where the certificate was originally requested, then start an administrative PowerShell session

    Complete any remaining instructions in this PowerShell session unless directed otherwise

  2. Run the following commands to define the certificate to be imported: 

    # Folder that holds the signed certificate, and the file name to look for in it
    $path_cer = Read-Host -Prompt "Provide the path to the certificate file"
    $name_cer = Read-Host -Prompt "Provide the name of the certificate file"

  3. Run the following commands to verify the certificate to be imported: 

    # Pick the most recently written file whose name matches (-Match treats the name as a regular expression)
    $file_cer = Get-ChildItem -Path $path_cer | Where-Object { $_.Name -Match $name_cer } | Sort-Object -Property LastWriteTime | Select-Object -Last 1
    # Load the file and display the fields to check before importing
    $test_cer = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($file_cer.FullName)
    $test_cer | Select-Object Thumbprint, HasPrivateKey, NotBefore, NotAfter, Subject, Issuer

  4. Run the following commands to import the certificate: 

    $cert_folder = 'Cert:\LocalMachine\My'
    $cert_object = Import-Certificate -FilePath $file_cer.FullName -CertStoreLocation $cert_folder
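
A post-import check for the certificate from step 4, added here as an example and not part of the original procedure: it re-reads the certificate from the store and reports whether it is bound to a private key, whether it is inside its validity window, and whether its chain builds. The function name `Test-ImportedCertificate` and its `-SkipRevocation` switch are hypothetical; `$cert_object` is the variable set in step 4.

```powershell
# Added example (not part of the original procedure).
function Test-ImportedCertificate {
    param(
        [Parameter(Mandatory)] [string] $Thumbprint,
        [string] $StorePath = 'Cert:\LocalMachine\My',
        [switch] $SkipRevocation   # hypothetical switch for hosts without CRL/OCSP access
    )

    # Re-read from the store. The object loaded from the .cer file in step 3 never
    # carries a private key, so only the store copy shows whether the key is bound.
    $cert = Get-ChildItem -Path $StorePath |
        Where-Object { $_.Thumbprint -eq $Thumbprint } |
        Select-Object -First 1
    if (-not $cert) { throw "No certificate with thumbprint $Thumbprint in $StorePath" }

    # Build the chain to a trusted root. The default policy checks revocation online.
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    if ($SkipRevocation) {
        $chain.ChainPolicy.RevocationMode =
            [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
    }
    $chainOk = $chain.Build($cert)
    $status  = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '

    $now = Get-Date
    [pscustomobject]@{
        Thumbprint    = $cert.Thumbprint
        Subject       = $cert.Subject
        HasPrivateKey = $cert.HasPrivateKey
        TimeValid     = ($now -ge $cert.NotBefore -and $now -le $cert.NotAfter)
        DaysRemaining = [math]::Floor(($cert.NotAfter - $now).TotalDays)
        ChainValid    = $chainOk
        ChainStatus   = $status   # empty when the chain built without errors
    }
}

# $cert_object comes from step 4 of this page.
$result = Test-ImportedCertificate -Thumbprint $cert_object.Thumbprint
$result | Format-List

if (-not $result.HasPrivateKey) {
    Write-Warning "Certificate is in the store but is not bound to a private key"
}
if (-not $result.TimeValid)  { Write-Warning "Certificate is outside its validity window" }
if (-not $result.ChainValid) { Write-Warning "Chain did not build: $($result.ChainStatus)" }
```

Resolve any warning before continuing to the optional replacement step, because that step removes the old certificate.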

Update the certificate  

The following section is optional

  1. Run the following commands to replace the certificate: 

    The following commands will alert applications that an old certificate has been replaced by a new one. Only applications that subscribe to certificate notifications will be affected by these commands

    # Newest certificate first; @() keeps .Count reliable when there is only one match
    $cert_match = @(Get-ChildItem -Path $cert_folder | Where-Object {$_.Subject -eq $cert_object.Subject -and $_.Issuer -eq $cert_object.Issuer } | Sort-Object -Property NotBefore -Descending)
    # -ErrorAction Stop sends a failed switch to Catch so the old certificate is not removed
    If ($cert_match.Count -eq 2) { Try { Switch-Certificate -OldCert $cert_match[1] -NewCert $cert_match[0] -ErrorAction Stop; Remove-Item -Path $cert_match[1].PSPath -ErrorAction Stop } Catch { Write-Host "Error replacing or removing certificate: $($_.Exception.Message)" } }
    If ($cert_match.Count -gt 2) { Write-Host "Too many matching certificates; reduce matching certificate count to 2"; $cert_match | Select-Object Thumbprint, HasPrivateKey, NotBefore, NotAfter, Subject, Issuer }
    If ($cert_match.Count -lt 2) { Write-Host "Fewer than two matching certificates; review certificates and service config"; $cert_match | Select-Object Thumbprint, HasPrivateKey, NotBefore, NotAfter, Subject, Issuer }

