Some Easy PowerShell to Export the Token Signing Certificate from SharePoint 2010

I know this has been a pain of varying magnitudes for folks over the last couple of years, so I thought I would share some nice PowerShell I stumbled upon recently.  It allows you to export the token signing certificate of the local SharePoint farm’s STS.  You can then use this for things like getting the thumbprint to use when setting up a federated trust with a WCF endpoint, etc.  To get the cert saved locally, just use these two PowerShell commands:

$stsCert = (Get-SPSecurityTokenServiceConfig).LocalLoginProvider.SigningCertificate

$stsCert.Export(“Cert”) | Set-Content “C:\STS.cer” -Encoding byte

That exports the certificate into a file on your C:\ drive called STS.cer.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s