Get Certificate - PowerShell
Overview
Get-Certificate retrieves one or more certificates from a certificate store or location. These certificates can be stored locally on the system, in Active Directory, or on a remote computer.
Syntax
Get-Certificate [-Subject] <string> [-Thumbprint] <string> [-SerialNumber] <string>
[-FriendlyName] <string> [-Issuer] <string> [-FilePath] <string> [-Location] <string>
[-StoreName] <string> [-IncludeDeleted] [<CommonParameters>]
Options/Flags
| Flag | Description | Default |
|—|—|—|
| -Subject | Filters certificates based on the subject field. | |
| -Thumbprint | Filters certificates based on the thumbprint. | |
| -SerialNumber | Filters certificates based on the serial number. | |
| -FriendlyName | Filters certificates based on the friendly name. | |
| -Issuer | Filters certificates based on the issuer field. | |
| -FilePath | Specifies the path to a file containing the certificate. | |
| -Location | Specifies the location of the certificate store. | Cert:\CurrentUser\My |
| -StoreName | Specifies the name of the certificate store. | My |
| -IncludeDeleted | Includes deleted certificates in the results. | False |
Examples
Example 1: Get all certificates in the current user’s personal store.
Get-Certificate -Location Cert:\CurrentUser\My
Example 2: Get a certificate by its thumbprint.
Get-Certificate -Thumbprint "0123456789ABCDEF0123456789ABCDEF"
Example 3: Get certificates from a remote computer.
Get-Certificate -Location "Cert:\RemoteComputer\My" -ComputerName "remotecomputer"
Common Issues
- Error: The certificate store could not be opened. This error can occur if the certificate store is corrupted or if the user does not have sufficient permissions to access the store.
- Error: The certificate could not be found. This error can occur if the certificate has been deleted or if the search criteria is incorrect.
Integration
Get-Certificate can be used with other PowerShell commands to perform advanced tasks, such as:
- Export-Certificate to export certificates to a file.
- New-SelfSignedCertificate to create self-signed certificates.
- Set-Certificate to modify certificate properties.
Related Commands
- CertUtil
- Makecert
- New-Certificate
- Remove-Certificate