Import Certificate - PowerShell

Overview

Import-Certificate adds a certificate to the current user’s Personal certificate store or to a specified certificate store. It allows users to securely import and store digital certificates for various purposes, such as authentication, encryption, and digital signatures.

Syntax

Import-Certificate [-FilePath] <String> [-CertStore] <String> [-Password] <SecureString> [-KeyUsage] <X509KeyUsageFlags> [-Exportable] <Boolean> [-DestinationKeySet] <String>

Options/Flags

  • FilePath: Specifies the path to the certificate file to import.
  • CertStore: Specifies the name of the certificate store where the certificate should be added. Default: My
  • Password: (Optional) Specifies the password to unlock the certificate file, if it’s password-protected.
  • KeyUsage: Sets the key usage flags for the imported certificate.
  • Exportable: Specifies whether the imported certificate should be exportable. Default: True
  • DestinationKeySet: Specifies the name of the keyset to use for storing the private key associated with the certificate.

Examples

1. Import a certificate from a file:

Import-Certificate -FilePath "C:\path\to\certificate.pfx"

2. Import a certificate to a specific store:

Import-Certificate -FilePath "C:\path\to\certificate.pfx" -CertStore "MyOtherStore"

3. Import a certificate with a password:

$password = ConvertTo-SecureString "password" -AsPlainText -Force
Import-Certificate -FilePath "C:\path\to\certificate.pfx" -Password $password

Common Issues

  • The specified file is not a valid certificate: Ensure the file you’re importing contains a valid certificate.
  • Access denied: You may not have sufficient permissions to import certificates to the specified store.
  • The certificate does not have a private key: The certificate you’re importing must contain a private key for it to be usable.

Integration

  • Export-Certificate: Can be used to export a certificate from the store after importing it.
  • Set-ItemProperty: Can be utilized to modify the properties of the imported certificate.
  • Get-ChildItem: Can be used to list the certificates in the specified store, including the newly imported one.