Forum Discussion
Solved
PowerShell Export-PfxCertificate Problem
Hello Community, i have the following problem: When i export my root-Certificate as cer with PowerShell and with certmgr i get completly the same content in my files. BUT My child-pfx...
- Hello, how are you?
How many certificates "Get-ChildItem -Path $systemcertpath" is outputting? it seems it is probably more than one certificate there, but you need only one, right?
I used this and I got the same certificate size both with mmc and Ps
Get-ChildItem -Path cert:\LocalMachine\my\327911063683D218873824A150B695F3875F8A38 | Export-PfxCert
ificate -NoProperties -ChainOption EndEntityCertOnly -Password $mypwd -FilePath C:\Users\Desktop\qaz321.pfx
Hello
Exactly as you thought, -NoProperties description confirms
"Specifies whether the extended properties for a certificate are exported. If this parameter is specified, then extended properties are not included with the export. By default, all extended properties are included in the exported file."
Are they equal if you remove -NoProperties?
Exactly as you thought, -NoProperties description confirms
"Specifies whether the extended properties for a certificate are exported. If this parameter is specified, then extended properties are not included with the export. By default, all extended properties are included in the exported file."
Are they equal if you remove -NoProperties?
- Thanks for your answer!
When i remove -NoProperties, i get another file, but still not a copy of my pfx exported with crtmgr.
In addition i did not check "Export all extended properties" in crtmgr, so i will need "-NoProperties".
I specified the -CryptoAlgorithmOption, but it should be useless because TripleDES_SHA1 is the default Value.
I specified the -ChainOption with value BuildChain. I think thats the equivalent of my checked checkbox "Including all certificates in the certification path if possible" in crtmgr.
Still my pfx from PowerShell is much bigger, than my pfx from crtmgr.
Get-ChildItem -Path $systemcertpath | Export-PfxCertificate -FilePath $childcert -NoProperties -CryptoAlgorithmOption TripleDES_SHA1 -ChainOption BuildChain -Password $password- Hello, how are you?
How many certificates "Get-ChildItem -Path $systemcertpath" is outputting? it seems it is probably more than one certificate there, but you need only one, right?
I used this and I got the same certificate size both with mmc and Ps
Get-ChildItem -Path cert:\LocalMachine\my\327911063683D218873824A150B695F3875F8A38 | Export-PfxCert
ificate -NoProperties -ChainOption EndEntityCertOnly -Password $mypwd -FilePath C:\Users\Desktop\qaz321.pfx- Shame on me,
your are totally right. Its more than one Certificate there. And i referenced just to the cert-folder, not to the cert itself Small Fault, big effects. Now fixed -> File is much smaller. Its still not the same, but i will try if it will work.
Thank you so much for your eye-opening help!
