Open
Description
The documentation says that the cert parameter can accept an array of certificate objects. But it does not. If you pass it a single object of System.Security.Cryptography.X509Certificates.X509Certificate2, it works as expected. If you pass it an array or collection of System.Security.Cryptography.X509Certificates.X509Certificate2, it fails with "Export-Certificate : Cannot convert 'System.Object[]' to the type 'Microsoft.CertificateServices.Commands.Certificate' required by parameter 'Cert'. Specified method is not supported."
Demonstration:
# select more than one certificate
$cert = Get-ChildItem -Path cert:\localmachine -recurse | out-gridview -passthru
# This works as expected
Export-Certificate -Cert $cert[0] -Type sst -FilePath C:\Users\Public\Documents\certexport.sst
# this throws an error
Export-Certificate -Cert $cert -Type sst -FilePath C:\Users\Public\Documents\certexport.sst
# This constructs an array of certificates and throws an error too
$cert | foreach-object -Begin { $cert2 = @() } -Process { $cert2 += $_ }
# even though they are both arrays
$cert.gettype()
$cert2.gettype()
# and they are arrays of System.Security.Cryptography.X509Certificates.X509Certificate2
$cert | get-member
$cert2 | get-member
# it looks like the problem is a fault in the new constructor of Microsoft.CertificateServices.Commands.Certificate
[Microsoft.CertificateServices.Commands.Certificate]::new($cert[0]) | Get-member
# That should not be a PSCustomObject
Document Details
⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
- ID: 75c6b91f-0156-26c1-76f6-60f11d39bc37
- Version Independent ID: aedf27ba-abfc-7e5d-4c69-cbf370fdac2b
- Content: Export-Certificate (pki)
- Content Source: docset/windows/pki/export-certificate.md
- Product: w10
- GitHub Login: @brianlic-msft
- Microsoft Alias: brianlic