Export-HgsKeyProtectionState
Exports Key Protection Service configuration and certificates.
Syntax
Export-HgsKeyProtectionState
[-Path <String>]
-Password <SecureString>
[-Force]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
The Export-HgsKeyProtectionState cmdlet exports configuration of Key Protection Service to a file referenced by the path parameter. If the path parameter is not provided, the cmdlet outputs the configuration state as XML. If the configuration contains certificates that were added to the service with pfx (containing private key), then the exported configuration also contains those private keys. The password parameter is used to protect the private keys that are part of the configuration. If the configuration contains certificates with private keys in Hardware Security Module (HSM), then the configuration only contains the public certificate.
Examples
Example 1: Export Key Protection Service state to a file
PS C:\> Export-HgsKeyProtectionState -Path "C:\example\kps.config" -Password $PasswordThis command exports configuration state of Key Protection Service. All certificates that were added as a pfx are included in the output which is written to the file referenced by the path parameter. The private keys are protected with the password specified in the $Password secure string.
Example 2: Export Key Protection Service state to Xml
PS C:\> Export-HgsKeyProtectionState -Password $PasswordThis command exports configuration state of Key Protection Service as output that can be stored in a variable. All certificates that were added as a pfx are included in the output. The private keys are protected with the password specified in the $Password secure string.
Parameters
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Force
Forces the command to run without asking for user confirmation.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Password
Specifies the password which protects private keys contained within the exported configuration.
| Type: | SecureString |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Path
Specifies the path of the file to which the configuration state is written.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
None
You cannot pipe input to this cmdlet.
Outputs
None
This cmdlet outputs XmlDocument that contains Key Protection Service state if Path parameter is not specified.