Get Certificate - PowerShell


Get-Certificate retrieves one or more certificates from a certificate store or location. These certificates can be stored locally on the system, in Active Directory, or on a remote computer.


Get-Certificate [-Subject] <string> [-Thumbprint] <string> [-SerialNumber] <string>
[-FriendlyName] <string> [-Issuer] <string> [-FilePath] <string> [-Location] <string>
[-StoreName] <string> [-IncludeDeleted] [<CommonParameters>]


| Flag | Description | Default |
| -Subject | Filters certificates based on the subject field. | |
| -Thumbprint | Filters certificates based on the thumbprint. | |
| -SerialNumber | Filters certificates based on the serial number. | |
| -FriendlyName | Filters certificates based on the friendly name. | |
| -Issuer | Filters certificates based on the issuer field. | |
| -FilePath | Specifies the path to a file containing the certificate. | |
| -Location | Specifies the location of the certificate store. | Cert:\CurrentUser\My |
| -StoreName | Specifies the name of the certificate store. | My |
| -IncludeDeleted | Includes deleted certificates in the results. | False |


Example 1: Get all certificates in the current user’s personal store.

Get-Certificate -Location Cert:\CurrentUser\My

Example 2: Get a certificate by its thumbprint.

Get-Certificate -Thumbprint "0123456789ABCDEF0123456789ABCDEF"

Example 3: Get certificates from a remote computer.

Get-Certificate -Location "Cert:\RemoteComputer\My" -ComputerName "remotecomputer"

Common Issues

  • Error: The certificate store could not be opened. This error can occur if the certificate store is corrupted or if the user does not have sufficient permissions to access the store.
  • Error: The certificate could not be found. This error can occur if the certificate has been deleted or if the search criteria is incorrect.


Get-Certificate can be used with other PowerShell commands to perform advanced tasks, such as:

  • Export-Certificate to export certificates to a file.
  • New-SelfSignedCertificate to create self-signed certificates.
  • Set-Certificate to modify certificate properties.
  • CertUtil
  • Makecert
  • New-Certificate
  • Remove-Certificate