Automating certificate process from request to export RRS feed

  • Question

  • Hello,

    I need help because i'm stuck at a specific point in my PowerShell script. This script is supposed to do these steps:

    - create the .inf file with the necessary information

    - create the request file

    - sending the request file to the CA

    - issue the pending request

    - export the certificate with the private key

    I am stuck at the last step. I can find the certificate issued by showing it using the PSPKI cmdlet "Get-IssuedRequest", but i can't export it, neither installing it in the local computer.

    How can you export a certificate issued by your CA?

    Thanks for your help.

    • Moved by Bill_Stewart Monday, March 12, 2018 8:54 PM Off-topic
    Wednesday, January 24, 2018 11:42 AM

All replies

  • Hi,

    Do you get a specific error message?

    Wednesday, January 24, 2018 12:21 PM
  • Hi, 

    I tried many ways to export the issued certificate.

    Using the "Get-IssuedRequest", i try to pipe with the "Export-Certificate" or the "Export-PfxCertificate" and the error says that the input object cannot be bound to any parameters for the command either because the command does not take pipeline input or the input and its properties do not match any of the parameters that take pipeline input.

    I also tried to export the certificate by locating it using the cert: directory. I'm 99% sure it is not there.

    Otherwise, as i don't know how to locate the issued certificate, i can't use the "Export-Certificate" alone.

    Wednesday, January 24, 2018 12:36 PM
  • help Export-PfxCertificate -full


    Wednesday, January 24, 2018 4:56 PM
  • I don't understand this answer.

    By the way, the real question here is how to get the certificate path from what you see in the UI mmc Certification Authority. Otherwise any idea how to do it any other way would be highly appreciated.

    Thursday, January 25, 2018 9:05 AM
  • Get the certificate:

    Get-Item cert:LocalHost\My\<thumbprint>


    Thursday, January 25, 2018 9:13 AM
  • thanks for your help, but this doesn't answer my question. 

    I will try to be as clear as possible. What you suggested just above, gets you the certificates that are in the local store. For an example, i have in my local store, the root CA certificate and the issuing one. To get that using the User Interface, i have to use the MMC with the "Certificates" snap-in.

    Now my question is: when you use the same MMC with the "Certification Authority" snap-in, what you get is the CA store with all the certificates you issued, or revoked for example. How do you get to this part by command line? What's the path of these certificates? How do you show in command line a certificate that you just issued, and therefore, not yet installed on your local store?

    Thanks in advance for your help.

    Thursday, January 25, 2018 3:19 PM
  • Post in the server forum for issue regarding using the CA store and how to create and manage certificates.

    Here are all of the CA CmdLets in PowerShell: https://technet.microsoft.com/en-us/library/dn440704%28v=wps.630%29.aspx?f=255&MSPPError=-2147217396


    Thursday, January 25, 2018 5:05 PM
  • Hello,

    I created a post in the Scripting forum but following the advice of a guy, i try my chance here. The post link is here: https://social.technet.microsoft.com/Forums/scriptcenter/en-US/975d5c50-1638-4d4b-b185-64597ed392ac/automating-certificate-process-from-request-to-export?forum=ITCG

    To make it short, the question is how do you export a certificate issued by your CA using PowerShell?

    By looking for informations about this, i have a lot of answers but not the one i'm looking for. My certificate is located in the "Certification Authority" mmc snap-in, not the "Certificates" one, which you can browse using cert:\LocalMachine for example.

    Thanks for your help.

    • Merged by jrv Friday, January 26, 2018 6:55 AM DUPLICATE
    Friday, January 26, 2018 6:36 AM
  • Friday, January 26, 2018 7:08 AM