Home / server / Questions / 1169998
Accepted
mfinni
Asked: 2025-01-11 03:25:29 +0800 CST

get-pfxCertificate fails on a valid certificate, whereas import-pfxcertificate works

  • 772

I have a known-good PFX file, with the correct password. I can import it using the windows certificate UI, or the import-pfxcertificate cmdlet. However, get-pfxcertificate fails. Any ideas?

PS > $password = read-host -AsSecureString
****************

PS > Import-PfxCertificate C:\Users\mfinnigan\Desktop\test.pfx -Password $password cert:\CurrentUser\my

   PSParentPath: Microsoft.PowerShell.Security\Certificate::CurrentUser\my

Thumbprint                                Subject              EnhancedKeyUsageList
----------                                -------              --------------------
<snip>                                    CN=<snip>            Client Authentication

PS > get-pfxCertificate C:\Users\mfinnigan\Desktop\test.pfx -Password $password
Get-PfxCertificate: An error occurred during encode or decode operation.
powershell

1 Answers

  1. Best Answer

    OK, I found the issue. The stored value the file is base64 encoded. Interestingly, Import-PfxCertificate can handle that, I'm guessing it does the decoding if it needs to, whereas get-pfxcertificate does not. It would be super fricking helpful if these behaviors were documented somewhere, so hopefully this Q&A will be important for someone else in the future.

    • 0