Import-PfxCertificate
Import-PfxCertificate
Imports certificates and private keys from a Personal Information Exchange (PFX) file to the destination store.
Syntax
Parameter Set: Default
Import-PfxCertificate [-FilePath] <String> [[-CertStoreLocation] <String> ] [-Exportable] [-Password <SecureString> ] [-Confirm] [-WhatIf] [ <CommonParameters>]
Detailed Description
The Import-PfxCertificate cmdlet imports certificates and private keys from a PFX file to the destination store. Certificates with and without private keys in the PFX file are imported, along with any external properties that are present.
Delegation may be required when using this cmdlet with Windows PowerShell® remoting and changing user configuration.
Parameters
-CertStoreLocation<String>
Specifies the path of the store to which certificates will be imported. If this parameter is not specified, then the current path is used as the destination store.
Aliases |
none |
Required? |
false |
Position? |
2 |
Default Value |
. |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-Exportable
Specifies whether the imported private key can be exported. If this parameter is not specified, then the private key cannot be exported.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
false |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-FilePath<String>
Specifies the path for the PFX file.
Aliases |
none |
Required? |
true |
Position? |
1 |
Default Value |
none |
Accept Pipeline Input? |
true (ByPropertyName) |
Accept Wildcard Characters? |
false |
-Password<SecureString>
Specifies the password for the imported PFX file in the form of a secure string.
Aliases |
none |
Required? |
false |
Position? |
named |
Default Value |
NULL |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-Confirm
Prompts you for confirmation before running the cmdlet.
Required? |
false |
Position? |
named |
Default Value |
false |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
Required? |
false |
Position? |
named |
Default Value |
false |
Accept Pipeline Input? |
false |
Accept Wildcard Characters? |
false |
<CommonParameters>
This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, -OutBuffer, and -OutVariable. For more information, see about_CommonParameters (https://go.microsoft.com/fwlink/p/?LinkID=113216).
Inputs
The input type is the type of the objects that you can pipe to the cmdlet.
System.String
A String containing the path to the PFX file.
Outputs
The output type is the type of the objects that the cmdlet emits.
System.Security.Cryptography.X509Certificates.X509Certificate2
The imported X509Certificate2 object contained in the PFX file that is associated with private keys.
Examples
EXAMPLE 1
This example imports the PFX file my.pfx with a private non-exportable key into the My store for the machine account.
PS C:\> $mypwd = ConvertTo-SecureString -String "1234" -Force –AsPlainText
PS C:\> Import-PfxCertificate –FilePath C:\mypfx.pfx cert:\localMachine\my -Password $mypwd
EXAMPLE 2
This example imports the PFX file my.pfx with a private non-exportable key into the My store for the current user with private key exportable. The Password parameter is not required since this PFX file is not password protected.
PS C:\> Get-ChildItem -Path c:\mypfx\my.pfx | Import-PfxCertificate -CertStoreLocation Cert:\CurrentUser\My –Exportable
EXAMPLE 3
This example imports the PFX file mypfx.pfx into the My store for the machine account. The Password parameter is not required since this PFX file is protected using the domain account of this machine. This requires a Windows Server® 2012 domain controller.
PS C:\> Set-Location -Path cert:\localMachine\my
PS C:\> Import-PfxCertificate –FilePath c:\mypfx.pfx