-
Notifications
You must be signed in to change notification settings - Fork 69
CertificateExport
dscbot edited this page Dec 23, 2022
·
5 revisions
| Parameter | Attribute | DataType | Description | Allowed Values |
|---|---|---|---|---|
| Path | Key | String | The path to the file you that will contain the exported certificate. | |
| Thumbprint | Write | String | The thumbprint of the certificate to export. Certificate selector parameter. | |
| FriendlyName | Write | String | The friendly name of the certificate to export. Certificate selector parameter. | |
| Subject | Write | String | The subject of the certificate to export. Certificate selector parameter. | |
| DNSName | Write | StringArray[] | The subject alternative name of the certificate to export must contain these values. Certificate selector parameter. | |
| Issuer | Write | String | The issuer of the certificate to export. Certificate selector parameter. | |
| KeyUsage | Write | StringArray[] | The key usage of the certificate to export must contain these values. Certificate selector parameter. | |
| EnhancedKeyUsage | Write | StringArray[] | The enhanced key usage of the certificate to export must contain these values. Certificate selector parameter. | |
| Store | Write | String | The Windows Certificate Store Name to search for the certificate to export from. Certificate selector parameter. Defaults to 'My'. | |
| AllowExpired | Write | Boolean | Allow an expired certificate to be exported. Certificate selector parameter. | |
| MatchSource | Write | Boolean | Causes an existing exported certificate to be compared with the certificate identified for export and re-exported if it does not match. | |
| Type | Write | String | Specifies the type of certificate to export. |
Cert, P7B, SST, PFX
|
| ChainOption | Write | String | Specifies the options for building a chain when exporting a PFX certificate. |
BuildChain, EndEntityCertOnly
|
| Password | Write | PSCredential | Specifies the password used to protect an exported PFX file. | |
| ProtectTo | Write | StringArray[] | Specifies an array of strings for the username or group name that can access the private key of an exported PFX file without any password. | |
| IsExported | Read | Boolean | Returns true if the certificate file already exists and therefore has been exported. |
The resource is used to export a certificate from a Windows certificate store.
Exports a certificate as a CERT using the friendly name to identify it.
Configuration CertificateExport_CertByFriendlyName_Config
{
Import-DscResource -ModuleName CertificateDsc
Node localhost
{
CertificateExport SSLCert
{
Type = 'CERT'
FriendlyName = 'Web Site SSL Certificate for www.contoso.com'
Path = 'c:\sslcert.cer'
}
}
}Exports a certificate as a PFX using the friendly name to identify it.
Configuration CertificateExport_PfxByFriendlyName_Config
{
param
(
[Parameter(Mandatory = $true)]
[ValidateNotNullorEmpty()]
[System.Management.Automation.PSCredential]
$Credential
)
Import-DscResource -ModuleName CertificateDsc
Node localhost
{
CertificateExport SSLCert
{
Type = 'PFX'
FriendlyName = 'Web Site SSL Certificate for www.contoso.com'
Path = 'c:\sslcert.cer'
Password = $Credential
}
}
}