diff --git a/xCAT-server/share/xcat/netboot/windows/xcatlibs.psm1 b/xCAT-server/share/xcat/netboot/windows/xcatlibs.psm1
new file mode 100644
index 000000000..1b9c725cc
--- /dev/null
+++ b/xCAT-server/share/xcat/netboot/windows/xcatlibs.psm1
@@ -0,0 +1,20 @@
+# IBM(c) 2013 EPL license http://www.eclipse.org/legal/epl-v10.html
+# This function specifically validates that the peer we are talking to is signed by the xCAT blessed CA and no other CA
+Function xCAT-Verify-Cert ($sender, $cert, $chain, $polerrs) {
+ foreach ($cert in $chain.chainElements) {
+ $cathumb=$cert.Certificate.thumbprint
+ }
+ if ($scrpt:xcatcacert.thumbprint -ne $cathumb) {
+ return $false
+ }
+ return $true
+}
+
+#we import the xCAT certificate authority into the appropriate scope
+Function xCAT-Import-CA ( $certpath ) {
+ $script:xcatcacert=Import-Certificate -FilePath $certpath -CertStoreLocation Cert:\LocalMachine\root
+}
+Function xCAT-Remove-CA () {
+ rm cert:\localmachine\root\$script:xcatcacert.thumbprint
+}
+
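Review bot: In xCAT-Verify-Cert the comparison reads `$scrpt:xcatcacert.thumbprint`, a misspelling of the `$script:` scope that xCAT-Import-CA assigns, so the left side presumably evaluates to `$null` and the pinned CA is never actually compared. With a populated chain that rejects every peer, and with an empty chain `$cathumb` is never set either, so `-ne` is false and the callback returns `$true`; `if (-not $cathumb -or $script:xcatcacert.thumbprint -ne $cathumb) { return $false }` would fail closed in both cases. The callback also never reads `$polerrs`, so whatever chain or name errors the platform reported are ignored; that deserves either a check or a comment saying it is deliberate. In xCAT-Remove-CA the unquoted path likely expands only `$script:xcatcacert` and appends `.thumbprint` literally, which would leave the CA trusted in `LocalMachine\root` after cleanup; `rm "cert:\localmachine\root\$($script:xcatcacert.thumbprint)"` avoids that.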