Home » PowerShell » PowerShell Export Certificate with Private Key

PowerShell Export Certificate with Private Key

by

Pfx (Personal Information Exchange) file is a certificate in PKCS#12 format. It is password protected file that contains private keys and public keys. In PowerShell to export a certificate with the private key, use the Export-PfxCertificate cmdlet.

PowerShell Export Certificate with Private Key
PowerShell Export Certificate with Private Key

In PowerShell, use the Get-ChildItem cmdlet to retrieve certificate details from the certificate store. Use the Export-PfxCertificate with necessarily required parameters like password, and pfx file path, the certificate can be easily output to .pfx file.

In this article, we will discuss how to export a certificate with a private key using the Export-PfxCertificate cmdlet in PowerShell.

Table of Contents hide
1 Export Certificate with Private key in PowerShell
2 Conclusion

Export Certificate with Private key in PowerShell

Use the Get-ChildItem cmdlet in PowerShell to get a certificate by thumbprint. To output, a certificate with a private key requires password protection, hence declaring a variable that stores the password.

Run the following script to save the certificate with the private key in the pfx file.

$pwd = ConvertTo-SecureString -String "@dev-EU01#" -Force -AsPlainText

$exportPath = 'D:\exported_iiscert.pfx'

$iiscert = Get-ChildItem -Path Cert:\LocalMachine\My\ | where{$_.Thumbprint -eq "95CC2B4A5A21404317D4C3C01276FBE08AA96546"}

Export-PfxCertificate -Cert $iiscert -FilePath $exportPath -Password $pwd

In the above PowerShell script, the $pwd variable contains the password.

The $exportPath variable stores the destination path of .pfx file where the certificate will be output with a private key.

The Get-ChildItem cmdlet uses the Path parameter to accept LocalMachine\My certificate store location path to retrieve the certificate where the thumbprint is equal to the provided value and assign the result to the $iiscert variable.

The Export-PfxCertificate cmdlet in PowerShell uses the Cert parameter to specify the certificate retrieved and -FilePath parameter to export the certificate with the private key to the destination folder.

The output of the above PowerShell script output certificate with the private key in .pfx file format on the destination path.

Cool Tip: How to export the certificate to PEM in PowerShell!

Conclusion

I hope the above article on how to export the certificate with a private key using the Export-PfxCertificate command is helpful to you.

You can find more topics about PowerShell Active Directory commands and PowerShell basics on the ShellGeek home page.