Export-HgsServerState

Exports the local Host Guardian Service instance's state to enable recovery scenarios.

Syntax

Export-HgsServerState
      [[-Path] <String>]
      -Password <SecureString>
      [-Force]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]

Description

The Export-HgsServer cmdlet exports the Host Guardian Service (HGS) state to enable recovery scenarios.

The cmdlet causes the following Host Guardian Service state to be exported to the specified output file:

  • Attestation Service policies
  • Attestation Service configuration data
  • Key Protection policies
  • Key Protection configuration data
  • Key Protection Signer Certificates and private keys
  • Key Protection Encryption Certificates and private keys

For more information about the scenario terms, see Security and Assurance.

Examples

Example 1: Export HGS server state and protect it with a password

PS C:\> Export-HgsServerState -Path "C:\HGS\ExportState.xml" -Password $Pass
Encrypted HGS Server State stored at the specified location

This command exports the HGS server state and protects the exported state using a password. The exported state is stored at the file specified by the Path parameter.

Use the ConvertTo-SecureString cmdlet to generate a secure string that represents the password.

Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Force

Forces the command to run without asking for user confirmation.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Password

Specifies the password with which to encrypt the keys.

Type:SecureString
Position:Named
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Path

Specifies the path for the exported file.

Type:String
Aliases:FilePath
Position:1
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False