[python-win32] Import Certificate with Private Key to Current Computer Certificate store

Mark Hammond skippy.hammond at gmail.com
Thu May 26 20:45:08 EDT 2022 

Hi!

I know almost nothing about certificate stores, but as luck would have 
it, someone did report some issues recently, so it turns out there is a 
PR that (a) tries to fix a couple of issues and (b) adds a test that 
adds certificates to the store - see 
https://github.com/mhammond/pywin32/pull/1863, particularly 
test_win32crypt.py, which can hopefully be found at 
https://github.com/mhammond/pywin32/pull/1863/files#diff-9f6fa3983d625ad71f59c9b4662dc07ea20602ffb5c3b1aa58e5e59fa759dff7

HTH,

Mark

On 27/05/2022 10:40 am, Steven Manross wrote:
> Howdy,
> 
> I am finishing up some work on requesting certificates from an internal Microsoft CA, and then importing the certs to the local windows certificate store, butd was having difficulty determining what function to use to import a Certificate with Private Key (P12/PFX) to a the computer's Certificate store.  I've got everything else handled up to this point (I think), but now I am stuck.
> 
> I see two possible functions for likely adding the certificate to the store:
> 	http://timgolden.me.uk/pywin32-docs/win32crypt__CertAddSerializedElementToStore_meth.html
> 		* likely the way to go, but I don't see in the documentation how to take my Cert with Key and convert it to the necessary structure
> 	http://timgolden.me.uk/pywin32-docs/win32crypt__PFXImportCertStore_meth.html
> 		* this one I'm not so sure about (not likely what I want to do)
> 
> ...but  also see this:
> 	https://stackoverflow.com/questions/61888404/how-do-i-install-a-certificate-to-trusted-root-certificates-using-python
> 		* however I cannot read the PFX correctly (presumably due to the encrypted nature of the certificate with key).
> 		* I DO have the base64 PEM crt and key files if that helps me in this process
> 		* the CertStore code from this post looks like what I need to get to the CertStore, however
> 
> The certificates I'm trying to work with are typically for webserver renewals.
> 
> If anyone has knowledge and is willing to share, I'd appreciate it!
> 
> Please and Thank you,
> Steven
> _______________________________________________
> python-win32 mailing list
> python-win32 at python.org
> https://mail.python.org/mailman/listinfo/python-win32

More information about the python-win32 mailing list