I want to get all certificates from my system. So I used the System.Security.Cryptography.X509Certificates class.
When I remove the () after the X509Store, I get the same results as when I entered "My".
What is the right member name to see all certificates? Is it possible?
$store=new-object System.Security.Cryptography.X509Certificates.X509Store("CA")
# Put in CA, My, root etc.
$store.open("ReadOnly")
$store.Certificates
$store.Certificates.count
You can get them from your local cert drive:
Get-ChildItem Cert:\CurrentUser\CA # user certs
Get-ChildItem Cert:\LocalMachine\CA # machine certs
Get-ChildItem Cert:\LocalMachine\My
This is fun if you have WinRM installed, but as a much more standard way to find all certificates it is much better to use something like:
$store = New-Object System.Security.Cryptography.X509Certificates.X509Store("\\$server_name\My","LocalMachine")
$store.Open("ReadOnly")
$store.Certificates
The following PowerShell script will ask for the DNS name of a remote computer, then it asks for Domain Admin credentials so it can connect and query. The resulting $AllCerts var has every certificate from every store. It then also exports them to a CSV file in the $env:temp folder and opens the folder in Windows Explorer.
function Get-Cert( $computer=$env:computername ){
    $cred = Get-Credential -Message "Enter credentials for a Domain Admin"
    $ro=[System.Security.Cryptography.X509Certificates.OpenFlags]"ReadOnly"
    $lm=[System.Security.Cryptography.X509Certificates.StoreLocation]"LocalMachine"
    # Ask the remote machine (over PowerShell remoting) which LocalMachine stores exist
    $Stores = (Invoke-Command $computer {Get-ChildItem cert:\LocalMachine} -Credential $cred).Name
    $AllStores = @()
    foreach ($store in $Stores){
        # "\\computer\store" addresses the named store on the remote machine
        $AllStores += new-object System.Security.Cryptography.X509Certificates.X509Store("\\$computer\$store",$lm)
    }
    # Member enumeration: Open() and Certificates are applied to every store in the array
    $AllStores.Open($ro)
    $AllStores.Certificates
}
write-host "Enter remote computer to poll certificate information from" -ForegroundColor Cyan
$remoteComputer = read-host
$AllCerts = Get-Cert $remoteComputer
$AllCerts = $AllCerts | Select Subject,Issuer,Thumbprint,NotBefore,NotAfter
$AllCerts | Where-Object {$_.NotAfter -lt (Get-Date)} | format-list
$AllCerts | export-csv -NoTypeInformation $env:temp\$($remoteComputer)_AllCerts.csv
start $env:temp
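Added example, not part of the question or of any answer above: each X509Store object opens one named store, so a full local inventory has to loop over every store name in both store locations. The function name Get-AllLocalCertificate and its -WarnDays parameter are hypothetical names chosen for this sketch.

```powershell
# Added example: inventory every certificate in every store of both store
# locations on the local machine, using the X509Store class from the question.
function Get-AllLocalCertificate {
    param(
        # Hypothetical parameter: how many days ahead counts as "expiring soon".
        [int]$WarnDays = 30
    )
    $now = Get-Date
    foreach ($location in 'CurrentUser', 'LocalMachine') {
        # The Cert: drive lists the store names that exist at this location.
        $storeNames = (Get-ChildItem -Path "Cert:\$location").Name
        foreach ($name in $storeNames) {
            $loc   = [System.Security.Cryptography.X509Certificates.StoreLocation]$location
            $store = New-Object System.Security.Cryptography.X509Certificates.X509Store($name, $loc)
            try {
                # OpenExistingOnly keeps Open() from creating a store that does not exist.
                $flags = [System.Security.Cryptography.X509Certificates.OpenFlags]'ReadOnly, OpenExistingOnly'
                $store.Open($flags)
                foreach ($cert in $store.Certificates) {
                    [pscustomobject]@{
                        Location      = $location
                        Store         = $name
                        Subject       = $cert.Subject
                        Issuer        = $cert.Issuer
                        Thumbprint    = $cert.Thumbprint
                        NotAfter      = $cert.NotAfter
                        HasPrivateKey = $cert.HasPrivateKey
                        Expired       = $cert.NotAfter -lt $now
                        ExpiresSoon   = ($cert.NotAfter -ge $now) -and ($cert.NotAfter -lt $now.AddDays($WarnDays))
                    }
                }
            }
            catch {
                Write-Warning "Could not open ${location}\${name}: $($_.Exception.Message)"
            }
            finally {
                # Release the store handle whether or not Open() succeeded.
                $store.Close()
            }
        }
    }
}

$all = Get-AllLocalCertificate
$all | Group-Object Location, Store | Select-Object Name, Count
$all | Where-Object { $_.Expired -or $_.ExpiresSoon } |
    Format-Table Location, Store, Subject, NotAfter, HasPrivateKey
```

The HasPrivateKey column helps an audit separate certificates the machine can authenticate or sign with from those it merely trusts.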