Export-Hgs Server State

Exports the local Host Guardian Service instance's state to enable recovery scenarios.

Syntax

Export-HgsServerState
      [[-Path] <String>]
      -Password <SecureString>
      [-Force]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]

Description

The Export-HgsServer cmdlet exports the Host Guardian Service (HGS) state to enable recovery scenarios.

The cmdlet causes the following Host Guardian Service state to be exported to the specified output file:

  • Attestation Service policies
  • Attestation Service configuration data
  • Key Protection policies
  • Key Protection configuration data
  • Key Protection Signer Certificates and private keys
  • Key Protection Encryption Certificates and private keys

For more information about the scenario terms, see Security and Assurance .

Examples

Example 1: Export HGS server state and protect it with a password

PS C:\> Export-HgsServerState -Path "C:\HGS\ExportState.xml" -Password $Pass
Encrypted HGS Server State stored at the specified location

This command exports the HGS server state and protects the exported state using a password. The exported state is stored at the file specified by the Path parameter.

Use the ConvertTo-SecureString cmdlet to generate a secure string that represents the password.

Required Parameters

-Password

Specifies the password with which to encrypt the keys.

Type: SecureString
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

Optional Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type: SwitchParameter
Aliases: cf
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False
-Force

Forces the command to run without asking for user confirmation.

Type: SwitchParameter
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-Path

Specifies the path for the exported file.

Type: String
Aliases: FilePath
Position: 1
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type: SwitchParameter
Aliases: wi
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False