-
Notifications
You must be signed in to change notification settings - Fork 67
CertificateExport
Daniel Scott-Raynsford edited this page Apr 26, 2018
·
6 revisions
| Parameter | Attribute | DataType | Description | Allowed Values |
|---|---|---|---|---|
| Path | Key | string | The path to the file you that will contain the exported certificate. | |
| Thumbprint | Write | string | The thumbprint of the certificate to export. Certificate selector parameter. | |
| Subject | Write | string | The subject of the certificate to export. Certificate selector parameter. | |
| DNSName | Write | string[] | The subject alternative name of the certificate to export must contain these values. Certificate selector parameter. | |
| Issuer | Write | string | The issuer of the certificate to export. Certificate selector parameter. | |
| KeyUsage | Write | string[] | The key usage of the certificate to export must contain these values. Certificate selector parameter. | |
| EnhancedKeyUsage | Write | string[] | The enhanced key usage of the certificate to export must contain these values. Certificate selector parameter. | |
| Store | Write | string | The Windows Certificate Store Name to search for the certificate to export from. Certificate selector parameter. Defaults to 'My'. | |
| AllowExpired | Write | boolean | Allow an expired certificate to be exported. Certificate selector parameter. | |
| MatchSource | Write | boolean | Causes an existing exported certificate to be compared with the certificate identified for export and re-exported if it does not match. | |
| Type | Write | string | Specifies the type of certificate to export. | Cert, P7B, SST, PFX |
| ChainOption | Write | string | Specifies the options for building a chain when exporting a PFX certificate. | BuildChain, EndEntityCertOnly |
| Password | Write | PSCredential | Specifies the password used to protect an exported PFX file. | |
| ProtectTo | Write | string[] | Specifies an array of strings for the username or group name that can access the private key of an exported PFX file without any password. | |
| IsExported | Read | boolean | Returns true if the certificate file already exists and therefore has been exported. |
The resource is used to export a certificate from a Windows certificate store.
Exports a certificate as a CERT using the friendly name to identify it.
Configuration Example
{
param
(
[Parameter()]
[System.String[]]
$NodeName = 'localhost'
)
Import-DscResource -ModuleName CertificateDsc
Node $AllNodes.NodeName
{
CertificateExport SSLCert
{
Type = 'CERT'
FriendlyName = 'Web Site SSL Certificate for www.contoso.com'
Path = 'c:\sslcert.cer'
}
}
}Exports a certificate as a PFX using the friendly name to identify it.
Configuration Example
{
param
(
[Parameter()]
[System.String[]]
$NodeName = 'localhost',
[Parameter(Mandatory = $true)]
[ValidateNotNullorEmpty()]
[System.Management.Automation.PSCredential]
$Credential
)
Import-DscResource -ModuleName CertificateDsc
Node $AllNodes.NodeName
{
CertificateExport SSLCert
{
Type = 'PFX'
FriendlyName = 'Web Site SSL Certificate for www.contoso.com'
Path = 'c:\sslcert.cer'
Password = $Credential
}
}
}