Windows – how to automatically install a user-based certificate from ADCS with a script

Tags: powershell, powershell-v4.0, windows

We have a certificate server from which users are able to download their certificate (User Template) from this URL: http://localhost/certsrv.

I now want to create a script which will do the following:

  1. Delete the existing certificate from Personal Certificate store.
  2. Install the new certificate in Personal certificate store.

I already made the script, and it is able to delete the certificate, but the installation is not happening because the command is not supported in Windows 7.

Here is my code:

    # User details
    $dom = $env:USERDOMAIN
    $usr = $env:USERNAME
    $fulname = ([adsi]"WinNT://$dom/$usr,user").FullName

    # Find the user's existing certificate(s) by subject and remove them.
    # The name is escaped because -match treats its right-hand side as a regex.
    Get-ChildItem -Path Cert:\CurrentUser\My |
        Where-Object { $_.Subject -match [regex]::Escape("$fulname") } |
        Remove-Item

    # Install new certificate (this is the step that does not work on Windows 7)
    Get-Certificate -Template User -DnsName mydomain.com -CertStoreLocation Cert:\CurrentUser\My

Best Answer

I believe you will need to use the command-line tool certutil.exe on Windows 7. Its use is documented here: https://technet.microsoft.com/en-us/library/cc732443(v=ws.11).aspx and it is available when Certificate Services are installed.

For example:

    certutil -addstore -user -f "My" "Path to certificate\certificate.cer"

You can make use of this tool from within a PowerShell script.
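
One way to wrap the certutil command from the answer in a PowerShell script, as an added example (not code from the question or the answer). It imports first and removes older certificates with the same subject only after the import is verified, which differs from the delete-then-install order in the question; the function name Update-UserCertificate and the file path are assumptions.

```powershell
# Added example. Update-UserCertificate and the .cer path are assumptions.
function Update-UserCertificate {
    param([Parameter(Mandatory = $true)][string]$Path)

    if (-not (Test-Path -LiteralPath $Path)) { throw "Certificate file not found: $Path" }
    $file = (Resolve-Path -LiteralPath $Path).ProviderPath

    # Parse the file first so a corrupt or unexpected file never reaches the store.
    $new = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $file
    if ($new.NotAfter -lt (Get-Date)) { throw "Certificate $($new.Thumbprint) has expired" }

    # The certutil call from the answer; -f overwrites an existing copy of the same certificate.
    $output = & certutil.exe -addstore -user -f 'My' $file 2>&1
    if ($LASTEXITCODE -ne 0) { throw "certutil failed ($LASTEXITCODE): $($output -join ' ')" }

    $store = New-Object System.Security.Cryptography.X509Certificates.X509Store -ArgumentList 'My', 'CurrentUser'
    $store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)
    try {
        # Confirm the import by thumbprint before touching anything else.
        $imported = $store.Certificates | Where-Object { $_.Thumbprint -eq $new.Thumbprint }
        if (-not $imported) { throw "Certificate $($new.Thumbprint) not found after import" }
        if (-not @($imported)[0].HasPrivateKey) {
            Write-Warning 'Imported certificate has no associated private key in this store.'
        }

        # Only now remove older certificates issued to the same subject.
        $old = @($store.Certificates | Where-Object {
            $_.Subject -eq $new.Subject -and $_.Thumbprint -ne $new.Thumbprint })
        foreach ($cert in $old) {
            Write-Output "Removing $($cert.Thumbprint), expires $($cert.NotAfter)"
            $store.Remove($cert)
        }
    }
    finally { $store.Close() }
}

# Example call with a placeholder path:
# Update-UserCertificate -Path 'C:\Temp\certificate.cer'
```

A .cer file carries only the certificate and its public key, which is why the function checks HasPrivateKey after the import.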