[英]Import-PfxCertificate returns FileNotFoundException
I'm trying to distribute a single self-signed certificate to a number of servers, into the personal certificate store of a set of service accounts.我正在尝试将单个自签名证书分发到多个服务器,并将其分发到一组服务帐户的个人证书存储中。 This certificate will be used to decrypt sensitive files that only the service accounts should be able to read.此证书将用于解密只有服务帐户才能读取的敏感文件。
The certificate was created as follows:证书创建如下:
New-SelfSignedCertificate -DnsName CredentialVault `
-CertStoreLocation "Cert:\CurrentUser\My" `
-KeyUsage KeyEncipherment,DataEncipherment -Type DocumentEncryptionCert `
-KeyAlgorithm RSA -KeyLength 2048
$computer = 'SERVER123.EXAMPLE.COM'
$cred = New-Object PSCredential 'MYDOMAIN\USER213', `
$(ConvertTo-SecureString -String 'P4$$w0Rd' -AsPlainText -Force)
$scriptBlock = {
Import-PfxCertificate -FilePath 'C:\temp\CredentialVault.pfx' `
-Password $(ConvertTo-SecureString -String '1234' -AsPlainText -Force) `
-CertStoreLocation "Cert:\CurrentUser\My"
}
Invoke-Command -ComputerName $computer -Credential $cred -ScriptBlock $scriptBlock
I was executing the code on the server SERVER123.EXAMPLE.COM
(but with a different account), just to see if it would work before trying remote servers.我正在服务器SERVER123.EXAMPLE.COM
上执行代码(但使用不同的帐户),只是为了在尝试远程服务器之前查看它是否可以工作。 That's why the file path is referring to a local file.这就是文件路径指的是本地文件的原因。
However, even though the file is accessible by the MYDOMAIN\\USER213
account (I tested the Import-PfxCertificate
command directly on the same server with that user first), PowerShell returns a System.IO.FileNotFoundException
as you can see below.但是,即使MYDOMAIN\\USER213
帐户可以访问该文件(我首先与该用户在同一台服务器上直接测试了Import-PfxCertificate
命令),PowerShell Import-PfxCertificate
返回System.IO.FileNotFoundException
,如下所示。
The PFX file could not be found.
+ CategoryInfo : NotSpecified: (:) [Import-PfxCertificate], FileNotFoundException
+ FullyQualifiedErrorId : System.IO.FileNotFoundException,Microsoft.CertificateServices.Commands.ImportPfxCertificate
+ PSComputerName : SERVER123.EXAMPLE.COM
I have no clue what the issue is.我不知道问题是什么。 Suggestions are more than welcome!非常欢迎建议!
Version info:版本信息:
可能你必须在路径中尝试使用变量$env:HOMEDRIVE\\temp\\CredentialVault.pfx
I ended up solving it by copying the file to the remote system first, through a PSSession
.我最终通过首先通过PSSession
将文件复制到远程系统来解决它。
Still no idea why this works and the original code didn't.仍然不知道为什么这有效而原始代码没有。 ¯\\_(ツ)_/¯ ¯\\_(ツ)_/¯
$certFile = 'C:\temp\CredentialVault.pfx'
$remoteFile = [System.IO.Path]::Combine('C:\Temp', [System.IO.Path]::GetFileName($certFile))
$certPassword = $(ConvertTo-SecureString -String '1234' -AsPlainText -Force)
$cred = Get-Credential
$sess = New-PSSession -ComputerName $server -Credential $cred
try {
Copy-Item -Path $certFile -ToSession $sess -Destination $remoteFile
Invoke-Command -Session $sess -ScriptBlock {
Import-PfxCertificate -FilePath $remoteFile `
-Password $certPassword `
-CertStoreLocation "Cert:\CurrentUser\My"
Remove-Item $remoteFile
}
}
finally {
Remove-PSSession $sess
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.