@@ -25,4 +25,55 @@ function Import-Certificate()
2525 }
2626}
2727
28- Export-ModuleMember " Import-Certificate"
28+ function Import-P12CertificateChain ()
29+ {
30+ [CmdletBinding ()]
31+ param (
32+ [parameter (Mandatory = $true , ValueFromPipeline = $true )]
33+ [string ]$P12Path ,
34+ # TODO use a SecureString
35+ [string ]$P12Password ,
36+ [switch ]$ImportCA
37+ )
38+ PROCESS
39+ {
40+ $p12AbsPath = Resolve-Path $P12Path
41+
42+ # Get the user's personal certificate store
43+ $store = New-Object System.Security.Cryptography.X509Certificates.X509Store(
44+ [System.Security.Cryptography.X509Certificates.StoreName ]::My,
45+ [System.Security.Cryptography.X509Certificates.StoreLocation ]::CurrentUser)
46+ $store.Open ([System.Security.Cryptography.X509Certificates.OpenFlags ]::ReadWrite)
47+
48+ # Get the user's Trusted Root CA store
49+ $castore = New-Object System.Security.Cryptography.X509Certificates.X509Store(
50+ [System.Security.Cryptography.X509Certificates.StoreName ]::Root,
51+ [System.Security.Cryptography.X509Certificates.StoreLocation ]::CurrentUser)
52+ $castore.Open ([System.Security.Cryptography.X509Certificates.OpenFlags ]::ReadWrite)
53+
54+ # Import the client cert and its CA cert
55+ $coll = new-object System.Security.Cryptography.X509Certificates.X509Certificate2Collection
56+ $coll.Import ($p12AbsPath , $P12Password ,
57+ ([System.Security.Cryptography.X509Certificates.X509KeyStorageFlags ]::UserKeySet -bor
58+ [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags ]::PersistKeySet))
59+
60+ foreach ($cert in $coll ) {
61+ Write-Host $cert.Subject
62+ Write-Host $cert.Thumbprint
63+
64+ # TODO: handle intermediate CAs
65+ if ($cert.Subject -eq $cert.Issuer ) {
66+ if ($ImportCA ) {
67+ $castore.Add ($cert )
68+ }
69+ }
70+ else {
71+ $store.Add ($cert )
72+ $clientcert = $cert
73+ }
74+ }
75+ }
76+ }
77+
78+ Export-ModuleMember " Import-Certificate"
79+ Export-ModuleMember " Import-P12CertificateChain"
0 commit comments