Get-AzureKeyVaultCertificate
Gets a certificate from a key vault.
Warning
The AzureRM PowerShell module has been officially deprecated as of February 29, 2024. Users are advised to migrate from AzureRM to the Az PowerShell module to ensure continued support and updates.
Although the AzureRM module may still function, it's no longer maintained or supported, placing any continued use at the user's discretion and risk. Please refer to our migration resources for guidance on transitioning to the Az module.
Syntax
Get-AzureKeyVaultCertificate
[-VaultName] <String>
[[-Name] <String>]
[-InRemovedState]
[-IncludePending]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Get-AzureKeyVaultCertificate
[-VaultName] <String>
[-Name] <String>
[-Version] <String>
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Get-AzureKeyVaultCertificate
[-VaultName] <String>
[-Name] <String>
[-IncludeVersions]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Get-AzureKeyVaultCertificate
[-InputObject] <PSKeyVault>
[[-Name] <String>]
[-InRemovedState]
[-IncludePending]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Get-AzureKeyVaultCertificate
[-InputObject] <PSKeyVault>
[-Name] <String>
[-Version] <String>
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Get-AzureKeyVaultCertificate
[-InputObject] <PSKeyVault>
[-Name] <String>
[-IncludeVersions]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Get-AzureKeyVaultCertificate
[-ResourceId] <String>
[[-Name] <String>]
[-InRemovedState]
[-IncludePending]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Get-AzureKeyVaultCertificate
[-ResourceId] <String>
[-Name] <String>
[-Version] <String>
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Get-AzureKeyVaultCertificate
[-ResourceId] <String>
[-Name] <String>
[-IncludeVersions]
[-DefaultProfile <IAzureContextContainer>]
[<CommonParameters>] Description
The Get-AzureKeyVaultCertificate cmdlet gets the specified certificate or the versions of a certificate from a key vault in Azure Key Vault.
Examples
Example 1: Get a certificate
PS C:\> Get-AzureKeyVaultCertificate -VaultName "ContosoKV01" -Name "TestCert01"
Name : testCert01
Certificate : [Subject]
CN=contoso.com
[Issuer]
CN=contoso.com
[Serial Number]
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
[Not Before]
2/8/2016 3:11:45 PM
[Not After]
8/8/2016 4:21:45 PM
[Thumbprint]
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Thumbprint : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Tags :
Enabled : True
Created : 2/8/2016 11:21:45 PM
Updated : 2/8/2016 11:21:45 PMThis command gets the certificate named TestCert01 from the key vault named ContosoKV01.
Example 2: Get all the certificates that have been deleted but not purged for this key vault.
PS C:\> Get-AzureKeyVaultCertificate -VaultName 'contoso' -InRemovedState
DeletedDate : 5/24/2018 6:08:32 PM
Enabled : True
Expires : 11/24/2018 6:08:13 PM
NotBefore : 5/24/2018 5:58:13 PM
Created : 5/24/2018 6:08:13 PM
Updated : 5/24/2018 6:08:13 PM
Tags :
VaultName : contoso
Name : test1
Version :
Id : https://contoso.vault.azure.net:443/certificates/test1
ScheduledPurgeDate : 8/22/2018 6:10:47 PM
DeletedDate : 5/24/2018 6:10:47 PM
Enabled : True
Expires : 11/24/2018 6:09:44 PM
NotBefore : 5/24/2018 5:59:44 PM
Created : 5/24/2018 6:09:44 PM
Updated : 5/24/2018 6:09:44 PM
Tags :
VaultName : contoso
Name : test2
Version :
Id : https://contoso.vault.azure.net:443/certificates/test2This command gets all the certificates that have been previously deleted, but not purged, in the key vault named Contoso.
Example 3: Gets the certificate MyCert that has been deleted but not purged for this key vault.
PS C:\> Get-AzureKeyVaultCertificate -VaultName 'contoso' -Name 'test1' -InRemovedState
Certificate : [Subject]
CN=contoso.com
[Issuer]
CN=contoso.com
[Serial Number]
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
[Not Before]
5/24/2018 10:58:13 AM
[Not After]
11/24/2018 10:08:13 AM
[Thumbprint]
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
KeyId : https://contoso.vault.azure.net:443/keys/test1/7fe415d5518240c1a6fce89986b8d334
SecretId : https://contoso.vault.azure.net:443/secrets/test1/7fe415d5518240c1a6fce89986b8d334
Thumbprint : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
RecoveryLevel : Recoverable+Purgeable
ScheduledPurgeDate : 8/22/2018 6:08:32 PM
DeletedDate : 5/24/2018 6:08:32 PM
Enabled : True
Expires : 11/24/2018 6:08:13 PM
NotBefore : 5/24/2018 5:58:13 PM
Created : 5/24/2018 6:08:13 PM
Updated : 5/24/2018 6:08:13 PM
Tags :
VaultName : contoso
Name : test1
Version : 7fe415d5518240c1a6fce89986b8d334
Id : https://contoso.vault.azure.net:443/certificates/test1/7fe415d5518240c1a6fce89986b8d334This command gets the certificate named 'MyCert' that has been previously deleted, but not purged, in the key vault named Contoso. This command will return metadata such as the deletion date, and the scheduled purging date of this deleted certificate.
Parameters
-DefaultProfile
The credentials, account, tenant, and subscription used for communication with azure
| Type: | IAzureContextContainer |
| Aliases: | AzureRmContext, AzureCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-IncludePending
Specifies whether to include pending certificates in the output
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-IncludeVersions
Indicates that this operation gets all versions of the certificate.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-InputObject
KeyVault object.
| Type: | PSKeyVault |
| Position: | 0 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-InRemovedState
Specifies whether to include previously deleted certificates in the output
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Name
Specifies the name of the certificate to get.
| Type: | String |
| Aliases: | CertificateName |
| Position: | 1 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ResourceId
KeyVault Resource Id.
| Type: | String |
| Position: | 0 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-VaultName
Specifies the name of a key vault.
| Type: | String |
| Position: | 0 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Version
Specifies the version of a certificate.
| Type: | String |
| Aliases: | CertificateVersion |
| Position: | 2 |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
Parameters: InputObject (ByValue)
Outputs
PSKeyVaultCertificateIdentityItem
PSDeletedKeyVaultCertificateIdentityItem