
PowerShell - X509Certificates.X509Store get all certificates?

I want to get all certificates from my system, so I used the System.Security.Cryptography.X509Certificates class. When I remove the () after the X509Store, I get the same results as when I enter "My".

What is the right member name to see all certificates? Is it possible?

MSDN StoreName Enumeration

$store=new-object System.Security.Cryptography.X509Certificates.X509Store("CA")
# Put in CA, My, root etc.
$store.open("ReadOnly")
$store.Certificates
$store.Certificates.count 

You can get them from your local cert drive:

Get-ChildItem Cert:\CurrentUser\CA # user certs

Get-ChildItem Cert:\LocalMachine\CA # machine certs
Get-ChildItem Cert:\LocalMachine\My

This is fun if you have WinRM installed, but as a much more standard way to find all certificates it is much better to use something like:

$store = New-Object System.Security.Cryptography.X509Certificates.X509Store("\\$server_name\My","LocalMachine")

$store.Open("ReadOnly")             
$store.Certificates

The following PowerShell script will ask for the DNS name of a remote computer, then it asks for Domain Admin credentials so it can connect and query. The resulting $AllCerts var has every certificate from every store. It then also exports them to a CSV file in the $env:temp folder and opens the folder in Windows Explorer.

function Get-Cert( $computer=$env:computername ){
    # $cred is used only for the Invoke-Command call below
    $cred = Get-Credential -Message "Enter credentials for a Domain Admin"
    $ro=[System.Security.Cryptography.X509Certificates.OpenFlags]"ReadOnly"
    $lm=[System.Security.Cryptography.X509Certificates.StoreLocation]"LocalMachine"
    # Ask the remote computer for the names of its LocalMachine stores
    $Stores = (Invoke-Command $computer {Get-ChildItem cert:\LocalMachine} -Credential $cred).Name
    $AllStores = @()
    foreach ($store in $Stores){
        # "\\computer\store" addresses the store on the remote computer
        $AllStores += new-object System.Security.Cryptography.X509Certificates.X509Store("\\$computer\$store",$lm)
    }
    # Open every store read-only and emit the certificates from all of them
    $AllStores.Open($ro)
    $AllStores.Certificates
}
write-host "Enter remote computer to poll certificate information from" -ForegroundColor Cyan
$remoteComputer = read-host
$AllCerts = Get-Cert $remoteComputer
$AllCerts = $AllCerts | Select Subject,Issuer,Thumbprint,NotBefore,NotAfter
# Show certificates that have already expired
$AllCerts | Where-Object {$_.NotAfter -lt (Get-Date)} | format-list
# Export everything to CSV and open the folder in Windows Explorer
$AllCerts | export-csv -NoTypeInformation $env:temp\$($remoteComputer)_AllCerts.csv
start $env:temp
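
On the original question: the StoreName enumeration has no member meaning "all stores", so each store has to be opened in turn. The following is an added example, not code from any of the answers above; the function name Get-AllStoreCertificate is hypothetical. It walks every store under both CurrentUser and LocalMachine on the local computer, closes each store after reading it, and flags expired certificates and those that have a private key.

```powershell
# Added example (not from the original answers).
# Get-AllStoreCertificate is a hypothetical helper name.
function Get-AllStoreCertificate {
    $ns    = 'System.Security.Cryptography.X509Certificates'
    # Read-only, and never create a store that does not already exist
    $flags = [System.Security.Cryptography.X509Certificates.OpenFlags]'ReadOnly, OpenExistingOnly'
    $now   = Get-Date

    # StoreLocation has two values: CurrentUser and LocalMachine
    $locations = [Enum]::GetValues([System.Security.Cryptography.X509Certificates.StoreLocation])

    foreach ($location in $locations) {
        # The Cert: drive lists every store name, including ones that are
        # not members of the StoreName enumeration
        foreach ($storeName in (Get-ChildItem -Path "Cert:\$location").Name) {
            $store = New-Object -TypeName "$ns.X509Store" -ArgumentList $storeName, $location
            try {
                $store.Open($flags)
                foreach ($cert in $store.Certificates) {
                    [pscustomobject]@{
                        Location      = $location
                        Store         = $storeName
                        Subject       = $cert.Subject
                        Issuer        = $cert.Issuer
                        Thumbprint    = $cert.Thumbprint
                        NotBefore     = $cert.NotBefore
                        NotAfter      = $cert.NotAfter
                        Expired       = $cert.NotAfter -lt $now
                        HasPrivateKey = $cert.HasPrivateKey
                    }
                }
            }
            catch {
                # A store may be unreadable for the current user; report and continue
                Write-Warning "Could not read $location\$storeName : $($_.Exception.Message)"
            }
            finally {
                $store.Close()   # release the store handle even on failure
            }
        }
    }
}

# Usage: list expired certificates across all stores
Get-AllStoreCertificate |
    Where-Object Expired |
    Sort-Object NotAfter |
    Format-Table Location, Store, Subject, NotAfter, HasPrivateKey -AutoSize
```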
