Export-NAVEncryptionKey

Exports the encryption key to a file in a specified path on the computer or network.

Syntax

Export-NAVEncryptionKey
      [-KeyPath] <String>
      [-Password <SecureString>]
      [-ServerInstance] <String>
      [-Force]
      [-ProgressAction <ActionPreference>]
      [-WhatIf]
      [-Confirm]
      [<CommonParameters>]

Description

When using SQL Server authentication between the Business Central Server instance and database in SQL Server, Business Central encrypts passwords that are used by a Business Central Server instance to access to Business Central databases in SQL Server.This includes, for example, the Business Central Server service account credentials and the database credentials.

To encrypt and decrypt the passwords, an encryption key is used. Business Central uses a single encryption key per server instance. The same encryption must be included in the Business Central database to which the server instance connects.

In some cases, such as when you upgrade or migrate a system from one set of hardware to another, you might need to copy of the encryption key to use it on another Business Central Server instance.

By using the Export-NAVEncryptionKey cmdlet, you can export the encryption key from one Business Central Server instance to a file, and then use the Import-NAVEncryptionKey cmdlet to import the exported key into another Business Central Server instance. The Export-NAVEncryptionKey cmdlet enables you to specify a destination file for the key and specify a password to protect the file.

Examples

EXAMPLE 1

Export-NAVEncryptionKey -ServerInstance BC -KeyPath "C:\Keys\nav.key" -Password (Get-Credential).Password

The example exports an encryption key from a Business Central Server instance to a password protected file.

EXAMPLE 2

Export-NAVEncryptionKey -ServerInstance BC -KeyPath "C:\Keys\nav.key" | Import-NAVEncryptionKey -ServerInstance NewInstance

The example exports an encryption key from a Business Central Server instance, and then imports that key into another Business Central Server instance on the same computer.

Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Force

Forces the command to run without asking for user confirmation.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-KeyPath

Specifies the full path to where the key file will be exported. The full path includes the drive, folders, and file name. The folder path must already exist. The file will be created that has the given file name.

Type:String
Position:1
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Password

Specifies a password that protects the encryption key file.

Type:SecureString
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ProgressAction

A common PowerShell parameter that determines how PowerShell responds to progress updates generated by a script, cmdlet, or provider. Learn more.

Type:ActionPreference
Aliases:proga
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ServerInstance

Specifies the name of a Business Central Server instance, for example, BC or myinstance. You can specify either the full name of an instance, such as MicrosoftDynamicsNavServer$myinstance or the short name such as myinstance.

Type:String
Position:0
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Outputs

System.String KeyPath

Returns the value of the KeyPath parameter.