Gets a certificate from a file on the file system or from a Windows certificate store by thumbprint or friendly name.
Get-Certificate -FriendlyName <String> -StoreLocation {CurrentUser | LocalMachine} -StoreName {AddressBook | AuthRoot | CertificateAuthority | Disallowed | My | Root | TrustedPeople | TrustedPublisher} [<CommonParameters>]
Get-Certificate -Path <String> [-Password <Object>] [<CommonParameters>]
Get-Certificate -Thumbprint <String> -StoreLocation {CurrentUser | LocalMachine} -CustomStoreName <String> [<CommonParameters>]
Get-Certificate -Thumbprint <String> -StoreLocation {CurrentUser | LocalMachine} -StoreName {AddressBook | AuthRoot | CertificateAuthority | Disallowed | My | Root | TrustedPeople | TrustedPublisher} [<CommonParameters>]
Get-Certificate -FriendlyName <String> -StoreLocation {CurrentUser | LocalMachine} -CustomStoreName <String> [<CommonParameters>]
Certificates can be files or they can be in a Windows certificate store. This function returns an X509Certificate2
object for a script that's a file on the file system or a cert stored in Microsoft's certificate store. You can get a certificate from a certificate store with its unique thumbprint or its friendly name. Friendly names are not required to be unique, so you may get multiple certificates when using that search method.
Name | Type | Description | Required? | Pipeline Input | Default Value |
---|---|---|---|---|---|
Path | String | The path to the certificate. | true | false | |
Password | Object | The password to the certificate. Can be plaintext or a SecureString. | false | false | |
Thumbprint | String | The certificate's thumbprint. | true | false | |
FriendlyName | String | The friendly name of the certificate. | true | false | |
StoreLocation | StoreLocation | The location of the certificate's store. | true | false | |
StoreName | StoreName | The name of the certificate's store. | true | false | |
CustomStoreName | String | The name of the non-standard, custom store. | true | false |
System.Security.Cryptography.X509Certificates.X509Certificate2. The X509Certificate2 certificates that were found, or $null
.
Get-Certificate -Path C:\Certificates\certificate.cer -Password MySuperSecurePassword
Gets an X509Certificate2 object representing the certificate.cer file.
Get-Certificate -Thumbprint a909502dd82ae41433e6f83886b00d4277a32a7b -StoreName My -StoreLocation LocalMachine
Gets an X509Certificate2 object for the certificate in the Personal store with a specific thumbprint under the Local Machine.
Get-Certificate -FriendlyName 'Development Certificate' -StoreLocation CurrentUser -StoreName TrustedPeople
Gets the X509Certificate2 whose friendly name is Development Certificate from the Current User's Trusted People certificate store.
Get-Certificate -Thumbprint a909502dd82ae41433e6f83886b00d4277a32a7b -CustomStoreName 'SharePoint' -StoreLocation LocalMachine
Demonstrates how to get a certificate from a custom store, i.e. one that is not part of the standard StoreName
enumeration.