导入 PfxCertificate 返回 FileNotFoundException
[英]Import-PfxCertificate returns FileNotFoundException
问题描述
I'm trying to distribute a single self-signed certificate to a number of servers, into the personal certificate store of a set of service accounts.
我正在尝试将单个自签名证书分发到多个服务器,并将其分发到一组服务帐户的个人证书存储中。 This certificate will be used to decrypt sensitive files that only the service accounts should be able to read.此证书将用于解密只有服务帐户才能读取的敏感文件。
The certificate was created as follows:证书创建如下:
New-SelfSignedCertificate -DnsName CredentialVault `
-CertStoreLocation "Cert:\CurrentUser\My" `
-KeyUsage KeyEncipherment,DataEncipherment -Type DocumentEncryptionCert `
-KeyAlgorithm RSA -KeyLength 2048
$computer = 'SERVER123.EXAMPLE.COM'
$cred = New-Object PSCredential 'MYDOMAIN\USER213', `
$(ConvertTo-SecureString -String 'P4$$w0Rd' -AsPlainText -Force)
$scriptBlock = {
Import-PfxCertificate -FilePath 'C:\temp\CredentialVault.pfx' `
-Password $(ConvertTo-SecureString -String '1234' -AsPlainText -Force) `
-CertStoreLocation "Cert:\CurrentUser\My"
}
Invoke-Command -ComputerName $computer -Credential $cred -ScriptBlock $scriptBlock
I was executing the code on the server SERVER123.EXAMPLE.COM (but with a different account), just to see if it would work before trying remote servers.我正在服务器SERVER123.EXAMPLE.COM上执行代码(但使用不同的帐户),只是为了在尝试远程服务器之前查看它是否可以工作。 That's why the file path is referring to a local file.这就是文件路径指的是本地文件的原因。
However, even though the file is accessible by the MYDOMAIN\\USER213 account (I tested the Import-PfxCertificate command directly on the same server with that user first), PowerShell returns a System.IO.FileNotFoundException as you can see below.但是,即使MYDOMAIN\\USER213帐户可以访问该文件(我首先与该用户在同一台服务器上直接测试了Import-PfxCertificate命令),PowerShell Import-PfxCertificate返回System.IO.FileNotFoundException ,如下所示。
The PFX file could not be found.
+ CategoryInfo : NotSpecified: (:) [Import-PfxCertificate], FileNotFoundException
+ FullyQualifiedErrorId : System.IO.FileNotFoundException,Microsoft.CertificateServices.Commands.ImportPfxCertificate
+ PSComputerName : SERVER123.EXAMPLE.COM
I have no clue what the issue is.我不知道问题是什么。 Suggestions are more than welcome!非常欢迎建议!
Version info:版本信息:
- Windows Server 2016视窗服务器 2016
- PowerShell 5.1.14393.3471 PowerShell 5.1.14393.3471
2 个解决方案
解决方案1
0 2020-02-27 12:11:11
可能你必须在路径中尝试使用变量$env:HOMEDRIVE\\temp\\CredentialVault.pfx
解决方案2
0 已采纳 2020-03-01 15:44:54
I ended up solving it by copying the file to the remote system first, through a PSSession .我最终通过首先通过PSSession将文件复制到远程系统来解决它。
Still no idea why this works and the original code didn't.仍然不知道为什么这有效而原始代码没有。 ¯\\_(ツ)_/¯ ¯\\_(ツ)_/¯
$certFile = 'C:\temp\CredentialVault.pfx'
$remoteFile = [System.IO.Path]::Combine('C:\Temp', [System.IO.Path]::GetFileName($certFile))
$certPassword = $(ConvertTo-SecureString -String '1234' -AsPlainText -Force)
$cred = Get-Credential
$sess = New-PSSession -ComputerName $server -Credential $cred
try {
Copy-Item -Path $certFile -ToSession $sess -Destination $remoteFile
Invoke-Command -Session $sess -ScriptBlock {
Import-PfxCertificate -FilePath $remoteFile `
-Password $certPassword `
-CertStoreLocation "Cert:\CurrentUser\My"
Remove-Item $remoteFile
}
}
finally {
Remove-PSSession $sess
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.