So as part of the provisioning process, many companies will have their servers import and export certs. It shouldn’t matter if you use a third party CA or an Enterprise CA, these scripts simply create a CSR ‘Request-NewCert’ and import the .cer file ‘Import-Cert’.
1a. Go to my gwSecurity section on Github and run the scripts for importing and exporting certificates.
The ‘Request-NewCert’ will create a CSR that you can run through a third party CA and get the .cer file to import.
Then you can run ‘Import-Cert’ to import it to the Cert:\LocalMachine\My\ location.
If you want, you can also run the ‘Show-ComputerCerts’ scripts to open an MMC file directly to your local machine certificates.
- After importing, make sure that you see the lock icon next to the certs name. This verifies you have both the public and private key for the cert.
I have seen cases where certs didn’t import correctly. If that happens, just run:
Open an admin CMD prompt and type:
certutil –repairstore my
certutil –repairstore my 43e5e29096b64fd91a03b44eb040283f