powershellautomationrsax509certificatex509certificate2
GetRSAPrivateKey UniqueName returns empty string
I am generating self signed certifcate using powershell script and importing it to the certificate store. Now I need to assign a new user in manage private keys section for the certificate.
I was trying the following code sample to do so.
$certificate = (import the certificate)
## Identify the user you'll be granting permission to
$grantee_name = 'dev\Batman'
$grantee = New-Object System.Security.Principal.NTAccount($grantee_name)
## Get the location and permission-of the cert's private key
$privatekey_rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($certificate)
$privatekey_file_name = $privatekey_rsa.key.UniqueName
$privatekey_path = "${env:ALLUSERSPROFILE}\Microsoft\Crypto\Keys\${privatekey_file_name}"
$privatekey_file_permissions = Get-Acl -Path $privatekey_path
## Grant the user 'read' access to the key
$access_rule = New-Object System.Security.AccessControl.FileSystemAccessRule($grantee, 'Read', 'None', 'None', 'Allow')
$privatekey_file_permissions.AddAccessRule($access_rule)
Set-Acl -Path $privatekey_path -AclObject $privatekey_file_permissions
In my case
$privatekey_file_name = $privatekey_rsa.key.UniqueName
returns empty string. Attaching screenshot as well.
Solution
When you specify -path and -password parameters, private key is not persisted and the certificate is not installed. In order to install the certificate, you need to remove mentioned parameters and use -StoreLocation parameter to indicate in which store the certificate must be installed.
- Pull of AD users managers name and email to existing script powershell script
- Create Hashtable from JSON
- Where is the Chocolatey installation path?
- packer cant pass -var-file as input to build
- Query list of computers - output last logged on user and last logon date
- How do I access another user's registry hive using Powershell?
- PowerShell doesn't return an empty array as an array
- Rename SharePoint site with Graph API or REST
- How do I list certificates in personal store across all servers in domain
- How can I associate a file type with a powershell script?
- How do you set PowerShell's default directory?
- How to determine if a string is an NT Account or a Security Identifier?
- Saving button in powershell add element [SOLVED]
- How to run a PowerShell script
- Not able to spawn off email message from windows search in powershell
- How to get PowerShell to export error message to CSV?
- How to use secrets in Azure DevOps Powershell script task
- add and remove language with powershell commands and single batch file in Windows 10
- Read a variable from a .ps1 file and run a .ps1 script inside Pipeline with Git Repo
- PS function to populate IDs to URI
- Powershell- Getting a strange error when I try to replace characters in folder names
- powershell 5.1, how to use -TargetTypeForDeserialization in Update-TypeData?
- PowerShell Pester : Use a variable in multiple It-blocks and recognize function when invoked from PowerShell Window
- Simplest PowerShell method to get current time expressed as UTC
- Add Sip to proxyaddress attribute in AD using powershell
- How to loop in powershell until successful?
- does not work split on powershell
- How to create ConfigMap yaml manifest for Azure Kubernetes using shell or PowerShell script?
- How to enter a multi-line command
- Powershell script working in ISE, but not working in Azure Runbook