Lot's of information on the parent page, this is what I ended up using:
Create Key:
@ECHO OFF pushd %~dp0 cls ::FreeSoftwareServers set certname=user@domain.com set certstore=Cert:\CurrentUser\My\ set pshell=powershell.exe %pshell% -c New-SelfSignedCertificate -CertStoreLocation %certstore% -DnsName %certname% -Type CodeSigning -NotAfter (Get-Date).AddMonths(42) PAUSE
Export Key w/ Private Key:
@ECHO OFF pushd %~dp0 cls ::FreeSoftwareServers set certname=user@domain.com set certfilepath=\\server\ set certstore=Cert:\CurrentUser\My\ set protectto="contso\user" set pshell=powershell.exe FOR /F %%N IN ('powershell.exe -c Get-ChildItem -Path Cert:\CurrentUser\My') DO ( ECHO "%%N" | FIND /i "%certname%" >nul IF %ERRORLEVEL% EQU 0 ( Set thumbprint=%%N ) ) %pshell% -c Export-PfxCertificate -Cert %certstore%%thumbprint% -FilePath '%certfilepath%%certname%.pfx' -ProtectTo %protectto% -Verbose PAUSE
Export in .cer w/o Private Key:
@ECHO OFF pushd %~dp0 cls ::FreeSoftwareServers set certname=user@domain set certfilepath=\\server\path set certstore=Cert:\CurrentUser\My\ set pshell=powershell.exe FOR /F %%N IN ('powershell.exe -c Get-ChildItem -Path Cert:\CurrentUser\My') DO ( ECHO "%%N" | FIND /i "%certname%" >nul IF %ERRORLEVEL% EQU 0 ( Set thumbprint=%%N ) ) %pshell% -c Export-Certificate -Cert %certstore%%thumbprint% -FilePath '%certfilepath%%certname%.cer' PAUSE
Import Cer (no priv key):
@ECHO OFF pushd %~dp0 cls ::FreeSoftwareServers set certfilepath=\\pathtocer set trustedpub=Cert:\CurrentUser\TrustedPublisher set personalcert=Cert:\CurrentUser\My set pshell=powershell.exe %pshell% -c Import-Certificate -FilePath '%certfilepath%' -CertStoreLocation %trustedpub% %pshell% -c Import-Certificate -FilePath '%certfilepath%' -CertStoreLocation %personalcert% PAUSE
Import pfx (cer + priv key):
@ECHO OFF pushd %~dp0 cls ::FreeSoftwareServers set certfilepath=\\pathtopfx set trustedpub=Cert:\CurrentUser\TrustedPublisher set personalcert=Cert:\CurrentUser\My set pshell=powershell.exe %pshell% -c Import-PfxCertificate -FilePath '%certfilepath%' -CertStoreLocation %trustedpub% -Exportable %pshell% -c Import-PfxCertificate -FilePath '%certfilepath%' -CertStoreLocation %personalcert% -Exportable PAUSE