How to retrieve certificate information from a remote server with PowerShell

    Question

  • Good Morning,

     

    I’d like to know if the certificates on a remote machine are up to date.

     

    I can get the list of the expired certificates with the following PowerShell command line:

     

    get-item cert:\LocalMachine\* | get-ChildItem | Where-Object -FilterScript {($_.NotAfter -lt (Get-Date))} | format-list -property PSPath,FriendlyName,NotAfter

     

    but I cannot get the certificate objects of a remote machine.

     

    Any idea?

     

    Thanks in advance,

    Francesco

     

    Thursday, August 23, 2007 10:29 AM

All replies

  • Francesco,

    Did you ever discover a method to retrieve certificate objects from a remote machine? I would also be interested in this and have not found anything on the web.

    Thanks,
    Seth

    Friday, May 01, 2009 4:10 PM
  • Hi Guys,

    Did you manage to sort this one out? I've been looking for the same functionality myself.

    Cheers
    Tuesday, June 23, 2009 12:25 AM
  • Hi, I've been trying to solve the same problem and I think that I found a way to access a remote machine's cert store. I tried this script and it works for me:

    #############################################################
    #                                                           #
    #   Listing Certificates in Cert Store located in           #
    #   remote machine                                          #
    #                                                           #
    #############################################################

    # Constants from wincrypt.h: CERT_STORE_PROV_SYSTEM (10, the Unicode
    # variant) takes a store name such as "\\COMPUTER\root" as pvPara;
    # CERT_SYSTEM_STORE_LOCAL_MACHINE (2 << 16) selects the HKLM stores.
    [int] $CERT_STORE_PROV_SYSTEM = 10
    [int] $CERT_SYSTEM_STORE_LOCAL_MACHINE = 0x20000

    $certs = @()
    $computer = '\\remote machine\root'   # "\\<hostname>\<store name>"; needs the Remote Registry service and admin rights on the target

    $signature = @'
    [DllImport("CRYPT32.DLL", EntryPoint="CertEnumCertificatesInStore", CharSet=CharSet.Auto, SetLastError=true)]
    public static extern IntPtr CertEnumCertificatesInStore(
        IntPtr hCertStore,
        IntPtr prevCertContext);

    // lpszStoreProvider is an LPCSTR that carries either a pointer or a small
    // integer ID, so it is pointer-sized: declare it IntPtr, not int, for x64.
    [DllImport("CRYPT32.DLL", EntryPoint="CertOpenStore", CharSet=CharSet.Auto, SetLastError=true)]
    public static extern IntPtr CertOpenStoreStringPara(
        IntPtr storeProvider,
        int encodingType,
        IntPtr hCryptProv,
        int flags,
        String pvPara);

    [DllImport("CRYPT32.DLL", EntryPoint="CertCloseStore", CharSet=CharSet.Auto, SetLastError=true)]
    [return : MarshalAs(UnmanagedType.Bool)]
    public static extern bool CertCloseStore(
        IntPtr hCertStore,
        int flags);
    '@
    $type = Add-Type -MemberDefinition $signature `
            -Name Win32Utils -Namespace CertStore `
            -PassThru

    $store = $type::CertOpenStoreStringPara([IntPtr]$CERT_STORE_PROV_SYSTEM, 0, [IntPtr]::Zero, $CERT_SYSTEM_STORE_LOCAL_MACHINE, $computer)
    if ($store -eq [IntPtr]::Zero) {
        throw "CertOpenStore failed for $computer (Win32 error $([System.Runtime.InteropServices.Marshal]::GetLastWin32Error()))"
    }

    $certID = $type::CertEnumCertificatesInStore($store, [IntPtr]::Zero)
    While ($certID -ne [IntPtr]::Zero) {
        # The X509Certificate2(IntPtr) constructor duplicates the context, so the copy
        # survives the enumerator freeing $certID on the next call.
        $certs += New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($certID)
        $certID = $type::CertEnumCertificatesInStore($store, $certID)
    }
    [void] $type::CertCloseStore($store, 0)

    #Just for testing
    foreach ($cert in $certs) {
        $cert.Subject
    }
    Thursday, January 21, 2010 12:03 PM
  • What type of script is this?

    If I want to use this script, is the only value that needs to be adjusted: $computer = '\\remote machine\root'?

    Where do the results go?
    Monday, February 08, 2010 4:27 PM
  • This would be a Microsoft PowerShell script.

    Check out more on PoSh here: http://technet.microsoft.com/en-us/scriptcenter/dd742419.aspx

    This script simply reads the certs to the screen, but it does store them in the object $certs that can be manipulated.
    If at first you don't succeed Step-Into

    http://theposherlife.blogspot.com
    http://www.jandctravels.com
    Tuesday, March 09, 2010 4:43 PM
  • If you've got psremoting enabled, it's as easy as:

    $certs = invoke-command {gci cert: -recurse} -computername <remote computer>
    • Edited by mjolinor Tuesday, March 09, 2010 5:09 PM added -recurse
    • Proposed as answer by R G Thursday, March 24, 2011 1:50 AM
    Tuesday, March 09, 2010 5:07 PM
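The remoting one-liner above, taken further as an added example (not code from anyone in this thread): it queries several computers and several LocalMachine stores in one Invoke-Command, keeps only certificates that are already expired or expire within a threshold, and returns just the fields needed, since everything that comes back over the session is a deserialized copy and there is no reason to ship whole certificate objects across the wire. The computer names SERVER01 and SERVER02, the store list and the 30-day threshold are assumptions to edit; the targets need PSRemoting enabled and the caller needs administrative rights on them.

```powershell
# Added example (not from the thread): expired / soon-to-expire certificates in
# the LocalMachine stores of several remote computers, over PowerShell remoting.
# Requires Enable-PSRemoting on the targets and admin rights there.
$ComputerName = @('SERVER01', 'SERVER02')           # assumed host names
$StoreName    = @('My', 'Root', 'CA', 'WebHosting')  # assumed store list
$WarnDays     = 30                                   # assumed threshold

$scriptBlock = {
    param($Stores, $Days)
    $now    = Get-Date
    $cutoff = $now.AddDays($Days)
    foreach ($name in $Stores) {
        $path = "Cert:\LocalMachine\$name"
        # Not every store exists on every host (e.g. WebHosting only with IIS).
        if (-not (Test-Path -Path $path)) { continue }
        Get-ChildItem -Path $path |
            Where-Object { $_.NotAfter -lt $cutoff } |
            ForEach-Object {
                # Return a small custom object, not the X509Certificate2 itself:
                # the result is serialized anyway, and the private key stays on the host.
                [pscustomobject]@{
                    Store      = $name
                    Subject    = $_.Subject
                    Thumbprint = $_.Thumbprint
                    NotAfter   = $_.NotAfter
                    DaysLeft   = [int](($_.NotAfter - $now).TotalDays)
                    Expired    = ($_.NotAfter -lt $now)
                }
            }
    }
}

# -ErrorAction Continue: an unreachable host yields an error record but does
# not abort the other hosts. Invoke-Command adds PSComputerName to each result.
$results = Invoke-Command -ComputerName $ComputerName `
                          -ScriptBlock $scriptBlock `
                          -ArgumentList $StoreName, $WarnDays `
                          -ErrorAction Continue

$results |
    Sort-Object PSComputerName, NotAfter |
    Format-Table PSComputerName, Store, Subject, Thumbprint, NotAfter, DaysLeft, Expired -AutoSize
```

Because the objects are built remotely, NotAfter is still a DateTime after deserialization and the filter and DaysLeft arithmetic run on the target, so the comparison uses each host's own clock rather than the caller's.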
  • Try this

     

    function Get-Cert( $computer=$env:computername ){
        $ro=[System.Security.Cryptography.X509Certificates.OpenFlags]"ReadOnly"
        $lm=[System.Security.Cryptography.X509Certificates.StoreLocation]"LocalMachine"
        # "\\<computer>\root" opens that machine's LocalMachine\Root store over the remote registry
        $store=new-object System.Security.Cryptography.X509Certificates.X509Store("\\$computer\root",$lm)
        $store.Open($ro)
        $certs=$store.Certificates
        $store.Close()
        $certs
    }

    # PSPath only exists on objects from the Cert: provider, so list Subject and Thumbprint instead
    Get-Cert "REMOTECOMPUTER"| ?{$_.NotAfter -lt (Get-Date)} | format-list -property Subject,Thumbprint,NotAfter

    • Proposed as answer by R G Thursday, March 24, 2011 1:51 AM
    Thursday, March 24, 2011 1:50 AM
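As a second added example (again not code from the thread), the X509Store approach from the last reply made into a reusable function: it opens the remote machine's My, Root and CA stores through the remote registry rather than PSRemoting, releases the store handle whether or not the open succeeded, and emits plain objects that the expiry filter from the original question can be applied to. SERVER01, the store list and the 30-day threshold are assumptions; the target needs the Remote Registry service running and the caller needs administrative rights there.

```powershell
# Added example, not from the thread. Opens "\\COMPUTER\StoreName" with the .NET
# X509Store class (CertOpenStore + CERT_STORE_PROV_SYSTEM underneath), which
# goes through the remote registry: the Remote Registry service must be running
# on the target and the caller needs admin rights there. No PSRemoting needed.
function Get-RemoteCertificate {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $true)][string]$ComputerName,
        [string[]]$StoreName = @('My', 'Root', 'CA')   # assumed default store list
    )

    $location = [System.Security.Cryptography.X509Certificates.StoreLocation]::LocalMachine
    # ReadOnly so nothing is written back; OpenExistingOnly so a mistyped store
    # name fails instead of quietly opening an empty store.
    $flags = [System.Security.Cryptography.X509Certificates.OpenFlags]::ReadOnly -bor
             [System.Security.Cryptography.X509Certificates.OpenFlags]::OpenExistingOnly

    foreach ($name in $StoreName) {
        $store = New-Object -TypeName System.Security.Cryptography.X509Certificates.X509Store `
                            -ArgumentList "\\$ComputerName\$name", $location
        try {
            $store.Open($flags)
            foreach ($cert in $store.Certificates) {
                [pscustomobject]@{
                    ComputerName = $ComputerName
                    Store        = $name
                    Subject      = $cert.Subject
                    Issuer       = $cert.Issuer
                    Thumbprint   = $cert.Thumbprint
                    NotBefore    = $cert.NotBefore
                    NotAfter     = $cert.NotAfter
                }
            }
        }
        catch {
            # Typical causes: Remote Registry stopped, firewall, no admin rights, store does not exist.
            Write-Warning "\\$ComputerName\$name : $($_.Exception.Message)"
        }
        finally {
            $store.Close()   # releases the HCERTSTORE even if Open threw
        }
    }
}

# Report everything in the remote LocalMachine stores that is already expired
# or expires within the next 30 days (host name and threshold are assumptions).
$warnBefore = (Get-Date).AddDays(30)
Get-RemoteCertificate -ComputerName 'SERVER01' |
    Where-Object { $_.NotAfter -lt $warnBefore } |
    Sort-Object NotAfter |
    Format-Table Store, Subject, Thumbprint, NotAfter -AutoSize
```

Unlike the Invoke-Command variant, the comparison here runs on the caller's clock, and the certificates are read as registry blobs, so a host that blocks SMB/RPC but allows WinRM will only be reachable the other way round.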