PowerShell script to query the ACE Certificate Authority (CA) for the CA's public key and add the public key to the system's local cert store

Add-ACECertificate.ps1

function Add-ACERootCertificate
{
    param
    (
        [Parameter(Mandatory = $true)]
        [string]
        $ServerIp,

        [Parameter()]
        [Int32]
        $ServerPort = 8888
    )

    $cfsslinfo = Invoke-WebRequest -Uri "http://$($ServerIp):$($ServerPort)/api/v1/cfssl/info" -Method Post -Body '{"domain": "primary"}' -ContentType application/json
    $EncodedCertBlob = ($cfsslinfo.Content | ConvertFrom-Json).result.certificate -replace "-----BEGIN CERTIFICATE-----|-----END CERTIFICATE-----|`n"
    $x509Cert = [System.Security.Cryptography.X509Certificates.X509Certificate]::new([System.Convert]::FromBase64String($certbase64))
    $CertThumbprint = $cert.GetCertHashString()

    Invoke-CimMethod -Namespace root/default -ClassName StdRegProv -MethodName CreateKey -Arguments @{
        hDefKey = [UInt32] 2147483650 # HKLM
        sSubKeyName = "SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\$CertThumbprint"
    }

    Invoke-CimMethod -Namespace root/default -ClassName StdRegProv -MethodName SetBinaryValue -Arguments @{
        hDefKey = [UInt32] 2147483650 # HKLM
        sSubKeyName = "SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\$CertThumbprint"
        sValueName = 'Blob'
        uValue = [Convert]::FromBase64String($EncodedCertBlob)
    }
}