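Export a certificate with its private key, including all certificates in the path, using PowerShell

Time: 2017-05-05 08:10:11

Tags: powershell certificate windows-server-2012-r2

I am using a PowerShell script to export a certificate with its private key, which should also include all the certificates in the path. I wrote a script for this, but it does not include the certificates in the path or the root certificate. Below is the script. Please suggest any changes needed in my script. Thanks in advance.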

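1 answer:

Answer 0: (score: 2)

Updated script to export all certificates (along with private keys) matching a particular name and issuer. Make sure you run this with admin privileges.
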
# Script to export certificate from LocalMachine store along with private key
$Password = "@de08nt2128"; #password to access certificate after exporting
$CertName = "WMSvc-WIN-9KC7DG31JBV"; # name of the certificate to export
$RootCertName = "WMSvc-WIN-9KC7DG31JBV"; # root certificate (the Issuer)
$ExportPathRoot = "C:\DestinationFolder"

$CertListToExport = Get-ChildItem -Path cert:\LocalMachine\My | ?{ $_.Subject -Like "*CN=$CertName*" -and $_.Issuer -Like "CN=$RootCertName*" }

foreach($CertToExport in $CertListToExport | Sort-Object Subject)
{
    # Destination Certificate Name should be CN. 
    # Since subject contains CN, OU and other information,
    # extract only upto the next comma (,)
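    $DestCertName = $CertToExport.Subject.ToString().Replace("CN=","");
    # A subject that holds only a CN has no comma; IndexOf then returns -1
    # and Substring would throw, so only trim when a comma is present
    if ($DestCertName.IndexOf(",") -ge 0) {
        $DestCertName = $DestCertName.Substring(0, $DestCertName.IndexOf(","));
    }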

    $CertDestPath = Join-Path -Path $ExportPathRoot -ChildPath "$DestCertName.pfx"

    $SecurePassword = ConvertTo-SecureString -String $Password -Force -AsPlainText

    # Export PFX certificate along with private key
    Export-PfxCertificate -Cert $CertToExport -FilePath $CertDestPath -Password $SecurePassword -Verbose
}

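Updates to your script

  • For the check $_.Issuer -eq "CN=$RootCertName" to work, you would have to include the OU, O, S information, so I modified it to $_.Issuer -Like "CN=$RootCertName*" so that it matches all issuers whose name starts with the value of the variable $RootCertName
  • Using $CertToExport.Subject.ToString().Replace("CN=","") to generate the pfx file name would result in a name of the format some-cert-name, OU=sometext, O=org, C=country.pfx, so it is better to cut it off at the next comma (,), hence I added $DestCertName.Substring(0, $DestCertName.IndexOf(","))
  • Finally, Export-PfxCertificate is used to export with the private key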
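
An added example, not part of the question or the answer above: it checks that the certification path can be built, exports with the chain requested explicitly, and reads the PFX back to confirm which certificates it contains. The thumbprint and output file name are placeholders, and the password is prompted for rather than stored in the script.

```powershell
# Added example; $Thumbprint and $OutFile are placeholders to replace.
$Thumbprint = '<THUMBPRINT-OF-CERT-TO-EXPORT>'
$OutFile    = 'C:\DestinationFolder\export.pfx'

$Cert = Get-Item -Path "Cert:\LocalMachine\My\$Thumbprint" -ErrorAction Stop
if (-not $Cert.HasPrivateKey) {
    throw "Certificate $Thumbprint has no private key in this store."
}

# Build the chain locally first, so a missing intermediate or root is reported
# before the export instead of being discovered when the PFX is imported.
$Chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
$Chain.ChainPolicy.RevocationMode = 'NoCheck'   # only path construction is checked here
$ChainOk = $Chain.Build($Cert)
$Chain.ChainElements | ForEach-Object { "chain: " + $_.Certificate.Subject }
if (-not $ChainOk) {
    $Chain.ChainStatus | ForEach-Object { Write-Warning $_.StatusInformation.Trim() }
}

# Prompt for the PFX password instead of keeping it in the script as plain text.
$SecurePassword = Read-Host -Prompt 'PFX password' -AsSecureString

Export-PfxCertificate -Cert $Cert -FilePath $OutFile -Password $SecurePassword `
    -ChainOption BuildChain | Out-Null

# Read the file back and compare its contents with the chain built above.
$Pfx   = Get-PfxData -FilePath $OutFile -Password $SecurePassword
$InPfx = @($Pfx.EndEntityCertificates) + @($Pfx.OtherCertificates)
"PFX holds $($InPfx.Count) certificate(s); local chain has $($Chain.ChainElements.Count)."
foreach ($Element in $Chain.ChainElements) {
    if ($InPfx.Thumbprint -notcontains $Element.Certificate.Thumbprint) {
        Write-Warning "Missing from PFX: $($Element.Certificate.Subject)"
    }
}
```

The resulting file carries the private key, so keep it in a folder readable only by the accounts that need it and delete it once it has been imported at its destination.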