how to retrieve cert path / chain for each cert in personal store
-
Friday, October 19, 2012 7:21 PM
Hi all,
We want to list each cert in the personal store along with the certificate path or cert chain associated with that cert, without exporting certs.
For example:
cert A
has path as
Cert 001
||Cert 001.xttt
|
cert xtt.ui
|
cert A
Manish
All Replies
-
Friday, October 19, 2012 8:10 PM
This is all you can read. There is nothing else to list in the cert store:
dir Cert:\CurrentUser\My | select *
There is no certification path. You would need to examine the actual certificate.
These are all of the things that are optionally gettable:
SimpleName
EmailName
UpnName
DnsName
DnsFromAlternativeName
UrlName
¯\_(ツ)_/¯
-
Friday, October 19, 2012 8:11 PM Moderator
Hi,
Please read the following:
Bill
- Proposed As Answer by Bill_Stewart (Microsoft Community Contributor, Moderator) Thursday, December 20, 2012 11:40 PM
- Unproposed As Answer by Bill_Stewart (Microsoft Community Contributor, Moderator) Monday, December 31, 2012 3:49 PM
- Marked As Answer by Bill_Stewart (Microsoft Community Contributor, Moderator) Wednesday, February 06, 2013 10:02 PM
-
Saturday, October 20, 2012 12:34 AM
Oh, snap!
My bad. The second part of my ask didn't show up in this forum.
I expect that is the reason AbqBill redirected me to the guidelines :). If this isn't the correct forum or I still haven't provided enough information, please let me know. Thanks.
Here it is:
---------------
The script below is able to pull some content, but I would like to know whether there is a better way to do it.
As you can see in the script below, the output is kind of ugly, and it is also hardcoded so that the depth of a cert path will not go beyond 4.
So it will not work in case it has more than 4 levels.
Please suggest.
# For each cert in the local machine's My store, match Issuer to Subject
# in the intermediate CA store, one hardcoded level at a time.
foreach ($getCert in (Get-ChildItem -Recurse Cert:\localmachine\My))
{
    $root1 = Get-ChildItem -Recurse Cert:\localmachine\CA | Where-Object {$_.Subject -eq $getCert.Issuer}
    $root2 = Get-ChildItem -Recurse Cert:\localmachine\CA | Where-Object {$_.Subject -eq $root1.Issuer}
    if ($root1.Issuer -ne $root2.Issuer)
    {
        $root3 = Get-ChildItem -Recurse Cert:\localmachine\CA | Where-Object {$_.Subject -eq $root2.Issuer}
        if ($root2 -ne $root3)
        {
            $root4 = Get-ChildItem -Recurse Cert:\localmachine\CA | Where-Object {$_.Subject -eq $root3.Issuer}
            if ($root3 -ne $root4)
            {
                # Deepest level handled; nothing is printed for chains this long.
                $root5 = Get-ChildItem -Recurse Cert:\localmachine\CA | Where-Object {$_.Subject -eq $root4.Issuer}
            }
            else { $getCert.Subject + " root is :" + $root3.Subject }
        }
        else { $getCert.Subject + " root is :" + $root2.Subject }
    }
    else { $getCert.Subject + " root is : " + $root1.Subject }
}
Manish
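An added example, not part of the original thread: .NET's X509Chain class asks Windows to build the certification path for a certificate that is already in a store, so nothing is exported and no depth is hardcoded. The function name Get-CertificateChain and the output property names are illustrative choices, and revocation checking is switched off so the listing does not depend on CRL or OCSP lookups.

```powershell
# Added example: list each certificate in a store with the chain Windows builds for it.
# Get-CertificateChain and the output property names are illustrative, not from the thread.
function Get-CertificateChain {
    [CmdletBinding()]
    param(
        [string]$StorePath = 'Cert:\CurrentUser\My'
    )

    foreach ($cert in Get-ChildItem -Path $StorePath) {
        $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain
        # Listing only: skip CRL/OCSP lookups, so revocation status is NOT evaluated here.
        $chain.ChainPolicy.RevocationMode =
            [System.Security.Cryptography.X509Certificates.X509RevocationMode]::NoCheck
        try {
            # Build() returns $false when the chain is incomplete or not trusted;
            # the elements that were found are still available afterwards.
            $trusted = $chain.Build($cert)

            # ChainElements[0] is the leaf; the last element is the highest issuer found.
            $elements = @($chain.ChainElements)
            $path = for ($i = $elements.Count - 1; $i -ge 0; $i--) {
                $depth = $elements.Count - 1 - $i
                ('  ' * $depth) + $elements[$i].Certificate.Subject
            }

            [pscustomobject]@{
                Subject     = $cert.Subject
                Thumbprint  = $cert.Thumbprint
                Depth       = $elements.Count
                Trusted     = $trusted
                ChainStatus = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '
                Path        = $path -join [Environment]::NewLine
            }
        }
        finally {
            $chain.Reset()   # release the chain state before the next certificate
        }
    }
}

Get-CertificateChain -StorePath 'Cert:\CurrentUser\My' |
    Format-List Subject, Thumbprint, Depth, Trusted, ChainStatus, Path
```

A ChainStatus of PartialChain means an issuer certificate could not be found, and UntrustedRoot means the chain ends at a root that is not in the trusted root store; both are worth flagging when auditing a store.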
-
Saturday, October 20, 2012 1:13 AM
Your script has nothing to do with personal certs. It is an enumeration of the machine store only.
This also has nothing to do with paths. It just enumerates a couple of stores.
Sorry
¯\_(ツ)_/¯
-
Monday, December 31, 2012 3:50 PM Moderator
Hi,
Do you still need help with this question?
Bill

