Export-Certificate

Export-Certificate

Exports a certificate from a certificate store into a file.

Syntax

Parameter Set: Default
Export-Certificate -Cert <Certificate> -FilePath <String> [-Force] [-NoClobber] [-Type <CertType> ] [-Confirm] [-WhatIf] [ <CommonParameters>]

Detailed Description

The Export-Certificate cmdlet exports a certificate from a certificate store to a file. The private key is not included in the export. If more than one certificate is being exported, then the default file format is SST. Otherwise, the default format is CERT. Use the Type parameter to change the file format.

Parameters

-Cert<Certificate>

Specifies one or more certificates to be exported to a file. A single certificate object, an array of certificate objects, or a path to one or more certificates in a certificate store can be specified.

-FilePath<String>

Specifies the location where the exported certificate will be stored.

-Force

Specifies that the exported certificate file will overwrite an existing certificate file, unless the Read-only or hidden attribute is set or the NoClobber parameter is also used. The NoClobber parameter takes precedence over this parameter when both are used.

-NoClobber

Prevents an exported certificate file from overwriting an existing certificate file. This parameter takes precedence over the Force parameter, which permits this cmdlet to overwrite an existing certificate file, even if it has the Read-only attribute set.

-Type<CertType>

Specifies the type of output file for the certificate export as follows.
-- SST: A Microsoft serialized certificate store (.sst) file format which can contain one or more certificates. This is the default value for multiple certificates.
-- CERT: A .cer file format which contains a single DER-encoded certificate. This is the default value for one certificate.
-- P7B: A PKCS#7 file format which can contain one or more certificates.

-Confirm

Prompts you for confirmation before running the cmdlet.

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

<CommonParameters>

This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see    about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216).

Inputs

The input type is the type of the objects that you can pipe to the cmdlet.

• System.Security.Cryptography.X509Certificates.X509Certificate2

  A Certificate object can be piped into to this cmdlet.

Outputs

The output type is the type of the objects that the cmdlet emits.

• System.IO.FileInfo

  The FileInfo object contains the information about the certificate file.

Examples

EXAMPLE 1

This example exports a certificate to the file system as a Microsoft serialized certificate store without its private key.

PS C:\> $cert = (Get-ChildItem -Path cert:\CurrentUser\My\EEDEF61D4FF6EDBAAD538BB08CCAADDC3EE28FF)

PS C:\> Export-Certificate -Cert $cert -FilePath c:\certs\user.sst -Type SST

EXAMPLE 2

This example exports a certificate to the file system as a DER-encoded .cer file without its private key.

PS C:\> $cert = (Get-ChildItem -Path cert:\CurrentUser\My\EEDEF61D4FF6EDBAAD538BB08CCAADDC3EE28FF)

PS C:\> Export-Certificate -Cert $cert -FilePath c:\certs\user.cer

EXAMPLE 3

This example exports a certificate to the file system as a PKCS#7-fomatted .p7b file without its private key.

PS C:\> $cert = ( Get-ChildItem -Path cert:\CurrentUser\My\EEDEF61D4FF6EDBAAD538BB08CCAADDC3EE28FF )

PS C:\> Export-Certificate -Cert $cert -FilePath c:\certs\user.p7b -Type p7b

EXAMPLE 4

This example exports all certificates under CurrentUser\my store into a Microsoft serialized certificate store allcerts.sst.

PS C:\> Get-ChildItem -Path cert:\CurrentUser\my | Export-Certificate –FilePath c:\certs\allcerts.sst -Type SST

Related topics

Import-Certificate

Get-ChildItem