从驱动程序将证书导入TrustedPublisher,以进行静默驱动程序安装 [英] Import certificate to TrustedPublisher from driver for silent driver installation
问题描述
我想安装Balloon驱动程序以便在KVM中运行Windows,而无需用户进行任何交互(静默安装).
I would like to install the Balloon driver for running my Windows in KVM without user any interaction (silent installation).
我正在使用Powershell将驱动程序中的证书提取到一些临时文件中,然后使用certutil.exe将其导入TrustedPublisher:
I'm using powershell to extract the certificate form the driver to some temporary file and then import it to TrustedPublisher using certutil.exe:
$cert = (Get-AuthenticodeSignature "D:\Balloon\2k12R2\amd64\blnsvr.exe").SignerCertificate; [System.IO.File]::WriteAllBytes("c:\redhat.cer", $cert.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Cert));
certutil.exe -f -addstore "TrustedPublisher" c:\redhat.cer
然后,我可以安装驱动程序而无需通过确认来打扰用户:
Then I can install the driver without bothering the user by confirmation:
pnputil -i -a "d:\Balloon\2k12R2\amd64\*.inf"
如何改进此任务以在Powershell中完成所有任务-无需将证书提取到临时文件中并使用certutil.exe导入它?
How can I improve this task to do it all in powershell - without extracting the certificate to temporary file and using certutil.exe to import it?
推荐答案
您可以将证书数据存储在变量中,并将其直接添加到所需的存储中.例如,使用您的路径/目标:
You can store cert data in variable, and add it directly to desired store. For example, using your path/target:
$Cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
$Cert.Import((((Get-AuthenticodeSignature "D:\Balloon\2k12R2\amd64\blnsvr.exe").SignerCertificate).Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Cert)))
$store = Get-Item "cert:\LocalMachine\TrustedPublisher"
$store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]"ReadWrite")
$store.Add($Cert)
$store.Close()
这篇关于从驱动程序将证书导入TrustedPublisher,以进行静默驱动程序安装的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!