Certificate into CurrentUser Root without security prompt

kneufeld's Avatar

kneufeld

30 Nov, 2017 08:09 AM

I am trying to get a certificate chain imported into the CurrentUser stores: My, CA and Root but I am having an issue getting a cert imported into the latter without a security prompt. An unfortunate requirement for integration with a 3rd party, their DLL requires the certs be in CurrentUser stores.

I need to get these imported into the build server. I prefer not having to make a custom image.

Any insight how to suppress the prompt? I am going to try disabling UAC; I have doubts.

  1. Support Staff 1 Posted by Ilya Finkelshte... on 30 Nov, 2017 08:56 PM

    Ilya Finkelshteyn's Avatar

    Let me please clarify. Certificate chain is in form of .pfx with a full chain? What command do you use to import it?

  2. 2 Posted by kneufeld on 19 Dec, 2017 05:24 PM

    kneufeld's Avatar

    Iila,

    FYI: Using PS Import-PfxCertificate of `.pfx` does not import the certificate Root Certificate of the chain in the correct place `CurrentUser\Root` it imports the root to `Intermediate Certificates` and our tests for SecureBlackbox cannot find/use the full certificate chain.

    The real question: Any recent image updates to Visual Studio 2017?

    I asking because our testing of SecureBoxbox dlls can no longer can use the imported certificate when we import certificates at install section of the build configuration file with PowerShell, but when imported the certificate in the same PowerShell block as our tests, tests for Secureblackbox passes without issue.

    Quirky issue, I am not sure why this would break and why running all in the same PS block would allow access without issue. Some environment/permissions update issue?

    Cheers,
    Kevin

    On November 30, 2017 at 12:56:11 PM, Ilya Finkelshteyn ([email blocked]<mailto:[email blocked]>) wrote:

  3. Support Staff 3 Posted by Ilya Finkelshte... on 19 Dec, 2017 08:40 PM

    Ilya Finkelshteyn's Avatar

    Yes, it was 2 updates to Visual Studio 2017last week. https://www.appveyor.com/updates/

    I need repro in the public repository if you need me to help with certificates issues.

  4. 4 Posted by kneufeld on 02 Jan, 2018 04:55 PM

    kneufeld's Avatar

    Ilya,

    Sorry for the delay in responding back. I was able to find and fix the cause of the error. I added a test to check if the certificate is valid and re-issues the certificate.

    Thanks for your help.

    On December 19, 2017 at 12:41:02 PM, Ilya Finkelshteyn ([email blocked]<mailto:[email blocked]>) wrote:

  5. Support Staff 5 Posted by Ilya Finkelshte... on 02 Jan, 2018 06:06 PM

    Ilya Finkelshteyn's Avatar

    Thank you for update!

  6. Ilya Finkelshteyn closed this discussion on 02 Jan, 2018 06:06 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac