
Backup and replace PFX certificates in PowerShell

I recently wrote a PowerShell script that will back up and replace a certificate as well as assign permissions to the private keys.

Basically, what this script does is:
– Checks whether the certificate you want to import already exists
– Performs a backup of the certificate
– Imports the private certificate
– Assigns the Everyone group read access on the private key
– Imports the public certificate

Note that these actions take place in the Local Machine certificate store and we will work with .PFX format.

The private certificate is marked as exportable so that when you back up the certificate, you have the ability to re-deploy it if needed.

There are a few values that you will need to adjust in this script however:

This line sets the password of the exported certificate to 1. You can change this to any value you want.

This section tells you where the certificate is being exported to. By default, it is set to C:\Test\
You will need to change all instances of C:\Test\ to the location you want to export on your machine. You could change this to a variable if you want to save to a different location each time or would like to be prompted.

This section tells us what permissions are being assigned and to which user/group. Again, you can change these values as needed.

And finally, here is the script:
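The five steps listed above, written out as an added example; this is not the author's original script. It prompts for the passwords and grants read access to an account passed as a parameter, where the post uses the password 1 and the Everyone group. Assumptions: all parameter names, matching the existing certificate by subject, an RSA key, and the target store for the public certificate.

```powershell
#Requires -RunAsAdministrator
# Added example, not the post's script. Parameter names are illustrative; an RSA key is assumed.
param(
    [Parameter(Mandatory)] [string] $PfxPath,   # new certificate with private key (.pfx)
    [Parameter(Mandatory)] [string] $CerPath,   # matching public certificate (.cer)
    [Parameter(Mandatory)] [string] $Account,   # account to receive read access on the key
    [string] $BackupDir   = 'C:\Test',          # export location named in the post
    [string] $PublicStore = 'Cert:\LocalMachine\TrustedPeople'  # assumed target store
)
$ErrorActionPreference = 'Stop'                 # a failed backup must stop the replacement
$store  = 'Cert:\LocalMachine\My'
$pfxPwd = Read-Host 'Password of the PFX to import' -AsSecureString
$bakPwd = Read-Host 'Password for the backup PFX' -AsSecureString

# 1. Check whether the certificate to import already exists (matched by subject here).
$new = (Get-PfxData -FilePath $PfxPath -Password $pfxPwd).EndEntityCertificates[0]
$old = Get-ChildItem $store | Where-Object { $_.Subject -eq $new.Subject -and $_.HasPrivateKey }

# 2. Back up every existing copy to a password-protected PFX.
foreach ($c in $old) {
    $file = Join-Path $BackupDir ("{0}_{1:yyyyMMddHHmmss}.pfx" -f $c.Thumbprint, (Get-Date))
    Export-PfxCertificate -Cert $c -FilePath $file -Password $bakPwd | Out-Null
}

# 3. Import the private certificate, marked exportable so it can be backed up later.
$cert = Import-PfxCertificate -FilePath $PfxPath -CertStoreLocation $store -Password $pfxPwd -Exportable

# 4. Locate the private key file (CNG or legacy CSP storage) and grant read access.
$rsa  = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert)
$name = if ($rsa -is [System.Security.Cryptography.RSACng]) { $rsa.Key.UniqueName } else { $rsa.CspKeyContainerInfo.UniqueKeyContainerName }
$keyFile = 'Crypto\Keys', 'Crypto\RSA\MachineKeys' |
    ForEach-Object { Join-Path "$env:ProgramData\Microsoft\$_" $name } |
    Where-Object { Test-Path $_ } | Select-Object -First 1
if (-not $keyFile) { throw "Private key file for $($cert.Thumbprint) not found" }
$acl  = Get-Acl -Path $keyFile
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule($Account, 'Read', 'Allow')
$acl.AddAccessRule($rule)
Set-Acl -Path $keyFile -AclObject $acl

# 5. Import the public certificate.
Import-Certificate -FilePath $CerPath -CertStoreLocation $PublicStore | Out-Null
```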
