Export-Certificate Cmdlet
Parameters Output Objects Configuration Settings
The Export-Certificate cmdlet is used to export an X.509 certificate from a certificate store.
Syntax
Export-Certificate [parameters]
Remarks
This will save the certificate specified by CertStore, CertStoreType, CertStorePassword and
Subject to a PFX file. The certificate and its private key are saved to the file
specified by OutputFile in PKCS12 format. The file contents are protected by Password.
# export a certificateexport-certificate -CertStore Root -CertStoreType User -Subject $subject -OutputFile $file -Password $passwordParameter List
The following is the full list of the parameters of the cmdlet with short descriptions. Click on the links for further details.
| LogFile | The location of a file to which debug information is written. |
| CertStore | The name of the certificate store for the client certificate. |
| CertStorePassword | The password for the certificate store (if any). |
| CertStoreType | The type of certificate store for the client certificate. |
| Config | Specifies one or more configuration settings. |
| LogFile | The location of a file to which debug information is written. |
| OutputFile | The output file. |
| Password | The certificate's password. |
| PublicKeyOnly | Whether to export public key only. |
| Subject | Specifies the subject of the certificate to get. |
Output Objects
The following is the full list of the output objects returned by the cmdlet with short descriptions. Click on the links for further details.
| ExportedCert | This object is returned for each certificate exported from a store. |
Configuration Settings
The following is a list of configuration settings for the cmdlet with short descriptions. Click on the links for further details.
| CertificateOutputFormat | The format of the output certificate. |
| CertComment | A comment to include in a saved certificate. |
| CertificateOutputFormat | The format of the certificate to save. |
| CertKeyLength | The public key length for created certificates and keys. |
| CertKeyType | The types of keys created for new certificates. |
| CertPublicKeyAlgorithm | The public key algorithm used when a certificate is created. |
| CertSignatureAlgorithm | The signature algorithm used when creating certificates. |
| CertValidityTime | The validity period for the certificate. |
| CertValidityOffset | The number of days until the certificate becomes valid. |
| CSP | The Cryptographic Service Provider. |
| ExportedCert | The exported certificate file. |
| ExportFormat | The format of the exported certificate. |
| ImportCertAction | Specified the action to take if a matching certificate or a link to a matching certificate already exists. |
| JWKAlgorithm | The JWK algorithm. |
| JWKKeyId | The JWK key Id. |
| JWKKeyOps | The JWK intended key operations list. |
| JWKUse | The JWK use parameter value. |
| KeyFormat | How the public and private key are formatted. |
| ReplaceKey | Whether or not to replace an existing key when creating a new key. |
| RequestSubjectAltNames | Subject Alternative Names for a Certificate Signing Request. |
| SavedCert | The saved certificate file. |
| SubjectAltNames | Subject Alternative Names for creating or issuing certificates. |
| UseBackgroundThread | Whether threads created by the cmdlet are background threads. |
| UseInternalSecurityAPI | Tells the cmdlet whether or not to use the system security libraries or an internal implementation. |