PowerTip: Use PowerShell to Get SSL Certificate


Summary: Learn how to use Windows PowerShell to get an SSL certificate from an internal certification authority.

Hey, Scripting Guy! Question How can I use Windows PowerShell to get an SSL certificate from an internal certification authority (CA)
           and import it to my web server's local certificate store?

Hey, Scripting Guy! Answer Use the Get-Certificate cmdlet, specify the template, the DNS name, subject, and store location, for example
           (this is a one-line command broken to fit on the webpage):

Get-Certificate -Template WebServer -DnsName "webserver.contoso.com"
-CertStoreLocation Cert:\LocalMachine\My  -SubjectName “webserver1.contoso.com”

Note  The certificate cannot be marked exportable using this method.
Thank you to Microsoft PFE, Jason Walker, for today’s PowerTip.

Comments (3)

  1. Get-certificate! Cool, I love PS!

  2. This is SO easy!!! Thanks guys!!!

  3. adam says:

    You may need to have the subject name (depending on the template) define the attribute, such as: -subjectname "CN=server.test.com". For multiple SAN/DNS entries, put each in DNS entry in quotes, separated by commas: -dnsname "alias1.test.com","alias2.test.com","alias3.test.com".
    Otherwise, the official documentation is wrong–it omits the quotes, which leaves you with an invalid "DNS=alias1.test.com,alias2.test.com,alias3.test.com" instead of separate lines for each (DNS=alias1.test.com, DNS=alias2.test.com, DNS=alias3.test.com).

Skip to main content