How to get raw data from PFX certificates?


This article will show the step-by-step PowerShell commands to read the raw data from the certificate.

Prerequesite is you need to create a sample PFX file. It is very easy to create such files using the PnP Powershell module.

## create C:\Certs and run the following command.

New-PnPAzureCertificate -OutPfx wildcard.pfx -OutCert wildcard.cer -CertificatePassword (ConvertTo-SecureString -String "pass@word1" -AsPlainText -Force)
# the following command will be used to read the PFX file and get the cert value.

$pfxPath = "C:\Certs\wildcard.pfx"
$pfxPass = "pass@word1"
$stsCertificate = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $pfxPath, $pfxPass, 20
$binCert = $stsCertificate.GetRawCertData()
$credValue = [System.Convert]::ToBase64String($binCert)

Now using the above $credValue you can use to connect to the PnP Online. Assuming you have created an Azure AD app, added the required permissions, and added the above-created cert to the app.

$HashArgs = @{
    Url = ""
    ClientId = "GUID-OF-AAD-APP"
    CertificateBase64Encoded = $certValue
    Tenant  = "
$conn = Connect-PnpOnline @HashArgs -ReturnConnection


An easy and simple way to securely connect to the SPO tenant or site using PnP

About Pankaj

I am a Developer and my linked profile is
This entry was posted in PnP.PowerShell, SharePoint, Technical Stuff. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s