If your .CER certificate contains a private key, you can only import it through the MMC console.
Neither the certutil nor the Import-Certificate cmdlet keeps the private key during the import process.
The Import-PfxCertificate cmdlet keeps the private key, but it does not import .CER certificates.
Import the certificate with Certutil
The following command line assumes that you are already inside the folder containing the certificate. Otherwise,,provide the path to the certificate file.
certutil -addstore -f "My" "MyCertificate.cer"
The key point here is the -user parameter. Without this parameter, the certificate is imported into the Local Computer‘s store instead of the Local User‘s store.
Import the certificate with Powershell
Import a .CER certificate
Import-Certificate -FilePath .\Certificate.cer -CertStoreLocation Cert:\LocalMachine\My
Import a .PFX certificate
Import-PfxCertificate -FilePath .\Certificate.cer -CertStoreLocation Cert:\LocalMachine\My
Import a certificate through the console
- In a command line type certlm1
- Expand Certificates – Current User \ Personal \ Certificates (if this folder already exists)
- Right-click the Personal folder, select All tasks and Import…
- Type the file name or click Browse and select the certificate you want to import.
- Select Place all certificates in the following store and use Personal as Certificate store.
For operating systems older than Windows Server 2012 or Windows 8, type mmc in a command line and add the Certificates snap-in as a computer account. ↩