Mark Minasi's Tech Forum
Sign up Calendar Latest Topics
 
 
 


Reply
  Author   Comment  
wobble_wobble

Avatar / Picture

Associate Troublemaker Apprentice
Registered:
Posts: 940
Reply with quote  #1 
So I'm trying to document the process of certificate installs for Azure access for VPN's and in the process I need to know if the certificate is installed.

I found a sample script that did some of what I wanted, exported the certs in the Trusted Root Certification Authorities - http://blogs.technet.com/b/parallel_universe_-_ms_tech_blog/archive/2015/10/22/export-all-your-trusted-root-certificate-from-local-machine-store.aspx

I modified it a bit to suit me needs and get the localcomputer account and currentuser account.
Yes I can clean it up and will to remove the dual reference.
But, its not pulling all the certs from the stores.
Even if I just pull the hash/ thumbprints its not pulling all certs.

Pulling certs + friendly names

$type = [System.Security.Cryptography.X509Certificates.X509ContentType]::Cert
$certs = get-childitem -path cert:\LocalMachine\AuthRoot

foreach($cert in $certs)
{
$hash = $cert.GetCertHashString()
$Name = $cert.FriendlyName
$path = "c:\temp\computer\" + $Name + " - " + $hash + ".der"
[System.IO.File]::WriteAllBytes($path, $cert.export($type) )
}
$type = [System.Security.Cryptography.X509Certificates.X509ContentType]::Cert
$certs = get-childitem -path cert:\CurrentUser\AuthRoot

foreach($cert in $certs)
{
$hash = $cert.GetCertHashString()
$Name = $cert.FriendlyName
$path = "c:\temp\currentuser\" + $Name + " - " + $hash + ".der"
[System.IO.File]::WriteAllBytes($path, $cert.export($type) )
}

Just the hash names

$type = [System.Security.Cryptography.X509Certificates.X509ContentType]::Cert
$certs = get-childitem -path cert:\CurrentUser\AuthRoot

foreach($cert in $certs)
{
$hash = $cert.GetCertHashString()
$Name = $cert.FriendlyName
$path = "c:\temp\currentuser\" + " - " + $hash + ".der"
[System.IO.File]::WriteAllBytes($path, $cert.export($type) ) 
}

I've very definitely got 22 certs prior to the VPN install and 23 post the install of the client VPN.

__________________
Have you tried turning it off and walking away? The next person can fix it!

New to the forum? Read this
0
Previous Topic | Next Topic
Print
Reply

Quick Navigation:

Easily create a Forum Website with Website Toolbox.