Adding certificates for a serialized store (sst) file to an actual physical store

In my previous post I used the CMS type to open a PKCS7. Apparently X509Certificate2Collection Import method can also be used to open up a PKCS7. This would be far more simpler then using CMS.

Additionally, you might be asked to add the certificates you obtained from PKCS7 file or a serialized store (sst) file to an actual store. Below is an example powershell script to accomplish it:

 

[reflection.assembly]::LoadWithPartialName("System.Security")

$certs = new-object system.security.cryptography.x509certificates.x509certificate2collection

$certs.import("additionalroots.sst")

$store = new-object system.security.cryptography.X509Certificates.X509Store -argumentlist "AuthRoot", LocalMachine

$store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]"ReadWrite")

$store.AddRange($certs)