Import-Pfx Certificate

Imports certificates and private keys from a Personal Information Exchange (PFX) file to the destination store.

Syntax

Import-PfxCertificate
      [-Exportable]
      [-Password <SecureString>]
      [[-CertStoreLocation] <String>]
      [-FilePath] <String>
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]

Description

The Import-PfxCertificate cmdlet imports certificates and private keys from a PFX file to the destination store. Certificates with and without private keys in the PFX file are imported, along with any external properties that are present.

Delegation may be required when using this cmdlet with Windows PowerShell® remoting and changing user configuration.

Examples

EXAMPLE 1

PS C:\>$mypwd = Get-Credential -UserName 'Enter password below' -Message 'Enter password below'



PS C:\>Import-PfxCertificate -FilePath C:\mypfx.pfx -CertStoreLocation Cert:\LocalMachine\My -Password $mypwd.Password

This example imports the PFX file my.pfx with a private non-exportable key into the My store for the machine account.

EXAMPLE 2

PS C:\>Get-ChildItem -Path c:\mypfx\my.pfx | Import-PfxCertificate -CertStoreLocation Cert:\CurrentUser\My -Exportable

This example imports the PFX file my.pfx with a private non-exportable key into the My store for the current user with private key exportable. The Password parameter is not required since this PFX file is not password protected.

EXAMPLE 3

PS C:\>Set-Location -Path cert:\localMachine\my



PS C:\>Import-PfxCertificate -FilePath c:\mypfx.pfx

This example imports the PFX file mypfx.pfx into the My store for the machine account. The Password parameter is not required since this PFX file is protected using the domain account of this machine. This requires a Windows Server® 2012 domain controller.

Required Parameters

-FilePath

Specifies the path for the PFX file.

Type: String
Aliases: FullName
Position: 0
Default value: None
Accept pipeline input: True (ByPropertyName)
Accept wildcard characters: False

Optional Parameters

-CertStoreLocation

Specifies the path of the store to which certificates will be imported. If this parameter is not specified, then the current path is used as the destination store.

Type: String
Position: 1
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-Confirm

Prompts you for confirmation before running the cmdlet.

Type: SwitchParameter
Aliases: cf
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False
-Exportable

Specifies whether the imported private key can be exported. If this parameter is not specified, then the private key cannot be exported.

Type: SwitchParameter
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-Password

Specifies the password for the imported PFX file in the form of a secure string.

Type: SecureString
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type: SwitchParameter
Aliases: wi
Position: Named
Default value: False
Accept pipeline input: False
Accept wildcard characters: False

Inputs

System.String

A String containing the path to the PFX file.

Outputs

System.Security.Cryptography.X509Certificates.X509Certificate2

The imported X509Certificate2 object contained in the PFX file that is associated with private keys.