Install Adobe Generated Certificate

With the new Adobe Console, Adobe now offers the option to generate a certificate for you. To utilize this certificate, with AdobeUMInterface, you need to modify it a bit. I will be focusing on installing the certificate in the Windows Certificate store in this guide.

First, when you created your service account, you should have automatically downloaded a "config.zip" file. This file contains your private key. This key is what we need to install.

This private key file is not natively understood by Windows. We need to join the key and the "certificate_pub.crt" file into one PFX file. To do this, we will use OpenSSL. OpenSSL is not a native command and must be downloaded before use. In my example, I used the version that came preinstalled with GIT for Windows. The following command shows how to join these files together.

openssl pkcs12 -export -out cert.pfx -inkey private.key -in certificate_pub.crt

This command will ask you for a password, this password protects the PFX file in case you need to transfer it. This will be needed to install the certificate later.

Now that we have our PFX file, we need to import it into Windows BUT we need to ensure it is imported using the "Microsoft Enhanced RSA and AES Cryptographic Provider". This provider is required for Windows to use the right algorithms for the Adobe API endpoints. To do this, we need to use another tool, "certutil". Certutil should already be installed on your Windows system, so just enter the following command to import the cert into the localmachine store.

certutil -csp "Microsoft Enhanced RSA and AES Cryptographic Provider" -importPFX -p "<your password here>" "<Path to the PFX file Here>"

Now if you check your machine's certificate store, you should see your newly installed certificate. By default it is named "Console"

Finally you can use it with the AdobeUMInterface. Use the Import-AdobeUMCert with CertStore and CertThumbprint arguments. The thumbprint can be found in the certificates console.