Re: [python-win32] Import Certificate with Private Key to Current Computer Certificate store

Thu, 26 May 2022 17:45:36 -0700 

Hi!
I know almost nothing about certificate stores, but as luck would have it, someone did report some issues recently, so it turns out there is a PR that (a) tries to fix a couple of issues and (b) adds a test that adds certificates to the store - see https://github.com/mhammond/pywin32/pull/1863, particularly test_win32crypt.py, which can hopefully be found at https://github.com/mhammond/pywin32/pull/1863/files#diff-9f6fa3983d625ad71f59c9b4662dc07ea20602ffb5c3b1aa58e5e59fa759dff7 

HTH,

Mark

On 27/05/2022 10:40 am, Steven Manross wrote:

Howdy,

I am finishing up some work on requesting certificates from an internal 
Microsoft CA, and then importing the certs to the local windows certificate 
store, butd was having difficulty determining what function to use to import a 
Certificate with Private Key (P12/PFX) to a the computer's Certificate store.  
I've got everything else handled up to this point (I think), but now I am stuck.

I see two possible functions for likely adding the certificate to the store:
        
http://timgolden.me.uk/pywin32-docs/win32crypt__CertAddSerializedElementToStore_meth.html
                * likely the way to go, but I don't see in the documentation 
how to take my Cert with Key and convert it to the necessary structure
        
http://timgolden.me.uk/pywin32-docs/win32crypt__PFXImportCertStore_meth.html
                * this one I'm not so sure about (not likely what I want to do)

...but  also see this:
        
https://stackoverflow.com/questions/61888404/how-do-i-install-a-certificate-to-trusted-root-certificates-using-python
                * however I cannot read the PFX correctly (presumably due to 
the encrypted nature of the certificate with key).
                * I DO have the base64 PEM crt and key files if that helps me 
in this process
                * the CertStore code from this post looks like what I need to 
get to the CertStore, however

The certificates I'm trying to work with are typically for webserver renewals.

If anyone has knowledge and is willing to share, I'd appreciate it!

Please and Thank you,
Steven
_______________________________________________
python-win32 mailing list
python-win32@python.org
https://mail.python.org/mailman/listinfo/python-win32


_______________________________________________
python-win32 mailing list
python-win32@python.org
https://mail.python.org/mailman/listinfo/python-win32






















					Reply via email to