Jaa


Powershell trick #2 - creating CertificateStore XML

A few weeks ago I wrote about constructing CertificateStore XML by hand. You have to open up the certificate in the browser, and export it as base64 XML, and it's a pain.

Here's a Powershell script that makes it much easier. Just pass it the name of a certificate file on the command line and it will output XML to add the certificate to the ROOT store. Then you can turn the XML into a CAB file, or add it to install XML, or process it in your application.

 

 

# CertificateStore template for adding a ROOT cert
$certAddString = @"
<wap-provisioningdoc>
<characteristic type="CertificateStore">
<characteristic type="ROOT">
<characteristic type="{0}">
<parm name="EncodedCertificate" value="
{1}
"/>
</characteristic>
</characteristic>
</characteristic>
</wap-provisioningdoc>
"@

# Load in a .CER file from the command line
$cert = get-pfxcertificate $args[0]

# get the thumbprint
$certHash = $cert.GetCertHashString()

# Convert the encoded blob to base64 text
$encodedCertificate = [Convert]::ToBase64String($cert.GetRawCertData())

# print those into our WAP xml template
$outXml = $certAddString -f ($certHash, $encodedCertificate)

# finished - write the XML to the outbound pipeline
write-object $outXml

Comments

  • Anonymous
    March 11, 2006
    Would it be possible for you to explain a little further? Not every monkey can fully understand this new method...
  • Anonymous
    March 13, 2006
    I added some clarification on why you would want to do this above. If it's still not making any sense, let me know.
  • Anonymous
    May 01, 2008
    Scott, having some problems using our cert. from exchange server and getting it to unlock on the motoq.  The certificate does not have the same screens as on the blog page.   Help, please! Thanks!