First of all - great script - this is making my life significantly more happy!
I'm trying to install using the following command (using PSPKI v1.8) :
Install-CertificationAuthority -CAName "RootCA" -CADNSuffix "OU=Test,C=US" -CAType "Standalone Root" -CSP "RSA#nCipher Security World Key Storage Provider" -KeyLength 2048 -HashAlgorithm SHA256 -ValidForYears 10 -DBDirectory
"C:\CA\CertDB" -LogDirectory "C:\CA\CertLog" -AllowCSPInteraction
CAPolicy.inf is pretty basic (thanks to your script) - pretty much just defining the critical values & legal notice. OS is 2008 R2 Enterprise SP1 with current patches.
The nCipher middleware is installed & Operator Card Set is created. If I do this using the standard GUI everything works fine. If I just use the default MS CSP then everything works fine with the script.
I get an error similar to the following (copied from a note - might not be exactly verbatim):
"Exception call Installl with '0' argument(s)
CCertSrvSetup::Install Provider could not perform action since context was acquired as silent.
This seems to be an issue with the CSP, so I found the -AllowCSPInteraction switch and that did not help. Basically, it should prompt for the user to enter their operator card & enter the pin via the secure Desktop0 (I didn't think until now
to check to see if restarting UI0Detect would help any, but I doubt it) - however Desktop 0 never appears, nor does any kind of prompt for a card. I tried adding "Silent=FALSE" in the capolicy.inf under the certsrv_server section and that did
not help. I tried taking a quick look through the code, but I'm not really seeing where it comes into play like -force does.
Am I missing something? Thanks in advance!