If we need to install our certificate on our VM (virtual machine) or local system, we need the private certificate, that is, the certificate together with its private key.
In general, to create a .pfx file we need the certificate and its key file. In a real-world scenario, the key file will not be available to us. In this case, we can generate the .pfx file directly from the location where the certificate is installed. Here, I am generating the .pfx file from Azure Key Vault, where my certificate is installed.
Below are the PowerShell commands to generate the .pfx file from Azure Key Vault.
Step 1
Log in to Azure using the command below and provide the required credentials.
Login-AzureRmAccount
Step 2
Update the key vault name and certificate details in the code below and execute it step by step. This writes the .pfx file to the desktop with the given file name.
# Key vault and certificate to export
$keyVaultName = "<< Key vault name >>"
$certName = "<< Certificate Name >>"
# The certificate is read as a secret; its value is the Base64-encoded certificate including the private key
$kvCret = Get-AzureKeyVaultSecret -VaultName $keyVaultName -Name $certName
$kvCretBytes = [System.Convert]::FromBase64String($kvCret.SecretValueText)
$certCollection = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2Collection
# Exportable is required so the private key can be written out again
$certCollection.Import($kvCretBytes, $null, [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::Exportable)
# Password that protects the exported .pfx file
$password = '<< Create your own password for pfx file >>'
$protectedCertificateBytes = $certCollection.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Pkcs12, $password)
# Write the password-protected PKCS#12 bytes to the desktop
$pfxFilePath = [Environment]::GetFolderPath("Desktop") + "\MyCertificate.pfx"
[System.IO.File]::WriteAllBytes($pfxFilePath, $protectedCertificateBytes)
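A follow-up to Step 2, as an added example that is not part of the original article: it installs the generated .pfx file on the local system and checks that the private key came with it. The Cert:\CurrentUser\My store and the password prompt are assumptions; the file name and desktop path are the ones used above.

```powershell
# Added example, not from the original article.
$pfxFilePath   = Join-Path ([Environment]::GetFolderPath("Desktop")) "MyCertificate.pfx"
$storeLocation = "Cert:\CurrentUser\My"   # assumed target store

if (-not (Test-Path -LiteralPath $pfxFilePath)) {
    throw "PFX file not found: $pfxFilePath"
}

# Prompt for the .pfx password so it is not kept in a script or in command history.
$securePassword = Read-Host -Prompt "Password for MyCertificate.pfx" -AsSecureString

# Import without -Exportable: the private key is installed, but it cannot be
# exported again from the certificate store on this machine.
$imported = Import-PfxCertificate -FilePath $pfxFilePath `
    -CertStoreLocation $storeLocation -Password $securePassword -ErrorAction Stop

# Keep only the certificate(s) that arrived with a private key.
$withKey = @($imported | Where-Object { $_.HasPrivateKey })
if ($withKey.Count -eq 0) {
    throw "Import finished, but no certificate with a private key was found in the file."
}

foreach ($cert in $withKey) {
    if ($cert.NotAfter -lt (Get-Date)) {
        Write-Warning "Certificate $($cert.Thumbprint) expired on $($cert.NotAfter)."
    }

    # Confirm the certificate is now present in the store.
    $inStore = Get-ChildItem -Path $storeLocation |
        Where-Object { $_.Thumbprint -eq $cert.Thumbprint }

    [pscustomobject]@{
        Subject       = $cert.Subject
        Thumbprint    = $cert.Thumbprint
        NotAfter      = $cert.NotAfter
        HasPrivateKey = $cert.HasPrivateKey
        InStore       = [bool]$inStore
    }
}

# The desktop copy still contains the private key; remove it once it is no
# longer needed. -Confirm asks before deleting.
Remove-Item -LiteralPath $pfxFilePath -Confirm
```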