In the previous tip we explained how you can create self-signed code-signing certificates in Windows 10 and Server 2016 (and better). Today, let’s take a look at how you can export such certificates to a password protected file, and reuse the certificates on a different machine.
Let’s assume you have created a new code-signing certificate in your personal certificate store, or there is a code-signing certificate present in your certificate store from other sources. This code will export the certificate to a PFX file located on your desktop:
# this password is required to be able to load and use the certificate later $Password = Read-Host -Prompt 'Enter Password' -AsSecureString # certificate will be exported to this file $Path = "$Home\Desktop\myCert.pfx" # certificate must be in your personal certificate store $cert = Get-ChildItem -Path Cert:\CurrentUser\My -CodeSigningCert | Out-GridView -Title 'Select Certificate' -OutputMode Single $cert | Export-PfxCertificate -Password $Password -FilePath $Path
You are asked for a password. Since code-signing certificates are security-sensitive, the password is used to encrypt the certificate in the PFX file, and you’ll need to enter the password later when you load the certificate.
Next, a grid view window shows all code-signing certificates found in your personal certificate store. Choose the one you want to export.
Once the PFX file is created, you can load it with this line:
$cert = Get-PfxCertificate -FilePath $Path $cert | Select-Object -Property *
Get-PfxCertificate will ask you for the password you set when you created the PFX file. Once the certificate is loaded, you can use it to sign files with Set-AuthenticodeSignature.
psconf.eu – PowerShell Conference EU 2019 – June 4-7, Hannover Germany – visit www.psconf.eu There aren’t too many trainings around for experienced PowerShell scripters where you really still learn something new. But there’s one place you don’t want to miss: PowerShell Conference EU – with 40 renown international speakers including PowerShell team members and MVPs, plus 350 professional and creative PowerShell scripters. Registration is open at www.psconf.eu, and the full 3-track 4-days agenda becomes available soon. Once a year it’s just a smart move to come together, update know-how, learn about security and mitigations, and bring home fresh ideas and authoritative guidance. We’d sure love to see and hear from you!
