Export-Certificate
Export-Certificate
Exports a certificate from a certificate store into a file.
Syntax
Parameter Set: Default
Export-Certificate -Cert <Certificate> -FilePath <String> [-Force] [-NoClobber] [-Type <CertType> ] [-Confirm] [-WhatIf] [ <CommonParameters>]
Detailed Description
The Export-Certificate cmdlet exports a certificate from a certificate store to a file. The private key is not included in the export. If more than one certificate is being exported, then the default file format is SST. Otherwise, the default format is CERT. Use the Type parameter to change the file format.
Parameters
-Cert<Certificate>
Specifies one or more certificates to be exported to a file. A single certificate object, an array of certificate objects, or a path to one or more certificates in a certificate store can be specified.
Aliases |
none |
Required? |
true |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
true (ByValue) |
Accept Wildcard Characters? |
false |
-FilePath<String>
Specifies the location where the exported certificate will be stored.
Aliases |
none |
Required? |
true |
Position? |
named |
Default Value |
none |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-Force
Specifies that the exported certificate file will overwrite an existing certificate file, unless the Read-only or hidden attribute is set or the NoClobber parameter is also used. The NoClobber parameter takes precedence over this parameter when both are used.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
false |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-NoClobber
Prevents an exported certificate file from overwriting an existing certificate file. This parameter takes precedence over the Force parameter, which permits this cmdlet to overwrite an existing certificate file, even if it has the Read-only attribute set.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
false |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-Type<CertType>
Specifies the type of output file for the certificate export as follows.
-- SST: A Microsoft serialized certificate store (.sst) file format which can contain one or more certificates. This is the default value for multiple certificates.
-- CERT: A .cer file format which contains a single DER-encoded certificate. This is the default value for one certificate.
-- P7B: A PKCS#7 file format which can contain one or more certificates.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
SST |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-Confirm
Prompts you for confirmation before running the cmdlet.
Required? |
false |
Position? |
named |
Default Value |
false |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? |
false |
Position? |
named |
Default Value |
false |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
<CommonParameters>
This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216).
Inputs
The input type is the type of the objects that you can pipe to the cmdlet.
System.Security.Cryptography.X509Certificates.X509Certificate2
A Certificate object can be piped into to this cmdlet.
Outputs
The output type is the type of the objects that the cmdlet emits.
System.IO.FileInfo
The FileInfo object contains the information about the certificate file.
Examples
EXAMPLE 1
This example exports a certificate to the file system as a Microsoft serialized certificate store without its private key.
PS C:\> $cert = (Get-ChildItem -Path cert:\CurrentUser\My\EEDEF61D4FF6EDBAAD538BB08CCAADDC3EE28FF)
PS C:\> Export-Certificate -Cert $cert -FilePath c:\certs\user.sst -Type SST
EXAMPLE 2
This example exports a certificate to the file system as a DER-encoded .cer
file without its private key.
PS C:\> $cert = (Get-ChildItem -Path cert:\CurrentUser\My\EEDEF61D4FF6EDBAAD538BB08CCAADDC3EE28FF)
PS C:\> Export-Certificate -Cert $cert -FilePath c:\certs\user.cer
EXAMPLE 3
This example exports a certificate to the file system as a PKCS#7-fomatted .p7b file without its private key.
PS C:\> $cert = ( Get-ChildItem -Path cert:\CurrentUser\My\EEDEF61D4FF6EDBAAD538BB08CCAADDC3EE28FF )
PS C:\> Export-Certificate -Cert $cert -FilePath c:\certs\user.p7b -Type p7b
EXAMPLE 4
This example exports all certificates under CurrentUser\my store into a Microsoft serialized certificate store allcerts.sst.
PS C:\> Get-ChildItem -Path cert:\CurrentUser\my | Export-Certificate –FilePath c:\certs\allcerts.sst -Type SST