What is the best method in PowerShell for exporting a users AD certificate and storing in a data file.
I can get the users certificate:
$user = Get-ADuser "tester01"
$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $user.usercertificate
I want to export this to a file so that I can import it later to a users AD account using PowerShell.
How do I do this?
The PKI issued user certs is on their computer. Just use the certificate drive to get them. Get-PSDrive, Get-ChildItem -Path Cert:. See the help file and the help file examples.
Or use...
Module: PKIClient
Exports a certificate from a certificate store into a file.
# Get specifics for a module, cmdlet, or function
(Get-Command -Name Export-Certificate).Parameters
(Get-Command -Name Export-Certificate).Parameters.Keys
Get-help -Name Export-Certificate -Examples
# Results
<#
$cert = (Get-ChildItem -Path
Export-Certificate -Cert $cert -FilePath c:\certs\user.sst -Type SST
$cert = (Get-ChildItem -Path
Export-Certificate -Cert $cert -FilePath c:\certs\user.cer
$cert = ( Get-ChildItem -Path
Export-Certificate -Cert $cert -FilePath c:\certs\user.p7b -Type p7b
Get-ChildItem -Path cert:\CurrentUser\my | Export-Certificate ûFilePath
#>
Get-help -Name Export-Certificate -Full
Get-help -Name Export-Certificate -Online
See also: