14

I have a client side cert PFX from some idiot to allow some users access his website and I need to script it so I can allow multiple users to auto import this cert into the local store during a logon to our RDS environment.

This cert also came with a long complicated password that I need to pass to said function.

So I had the bright idea of using PS function Import-PFXCertificate to do this. 

$PlainTextPass = "f4@)]\as1"

$pfxpass = $PlainTextPass |ConvertTo-SecureString -AsPlainText -Force  

Import-PfxCertificate -filepath C:\important.pfx cert:\CurrentUser\my -
Password  $pfxpass

It fails with this error, and I can't find any direct reference to it on the web.

Import-PfxCertificate : The PFX file you are trying to import requires either a different password or membership in an Active Directory principal to which it is protected.

The test user I am running against is a domain admin. Not that should matter as it's installing the cert into CurrentUser

henrycarteruk
  • 12,708
  • 2
  • 36
  • 40
Andy Denley
  • 141
  • 1
  • 1
  • 3

3 Answers3

5

Try surrounding the plain text password with single quotes instead of double quotes. I had a password with $ in it that gave me the same error until I swapped the quotes.

ctschap
  • 51
  • 1
  • 4
1

I was able to resolve the same issue in my case after I have stumbled upon similar post in ServerFault - Wrong password during pfx certificate import Windows(10, 2016)
My certificate was encoded during export to PFX using AES256-SHA256, switching to TripleDES-SHA1 resolved the problem.

ViktorZ
  • 901
  • 1
  • 10
  • 26
-1

Try changing the password. Just keep alphabetic letters. This solved the issue for me.

Ashique Razak
  • 487
  • 3
  • 8