Importing Certificates with PowerShell

If you find yourself updating certificates on Windows Servers often this method might help speed things up. Without PowerShell you would typically need to manually copy the new certificate to all of your servers then install them individually. Using PowerShell, we can copy the certificate to a collection of servers and then remotely install them on all of our servers without having to RDP to servers or using any remote management tools (other than PowerShell).

Our first step is to make some variables to store our server's name, certificate name, source file, and destination path. You'll need to modify these variables to suit your needs.

Once we have our variables setup, we'll use them to help us copy the PFX file to our destination server, using the Copy-Item cmdlet.

Once the destination server has a copy of the PFX file we can remotely import it on the server's local certificate store. To do this well use the Invoke-Command cmdlet to remotely execute our Import-PfxCertificate cmdlet on our destination server. If you exported your PFX certificate with a private key, we could pass that into the cmdlet as well as shown below.

Assuming you had no errors you've now successfully imported your new certificate on another server without having to login to it and use the certificate snap-in for MMC. The snippets above help for a single server, but if you have a few servers all we need to do is wrap this up in a ForEach loop. Your loop will copy and import your certificate on all the servers you provide, in the example below it will copy/import on 2 servers.

With PowerShell there's always another way to do something, we recently started using this method and it's been working great for us. If you have a different or better way to import certificates, feel free to share your thoughts in the comments section below.