locked
Extract .p12 Property Information via PowerShell RRS feed

  • Question

  • I am a systems administrator for a large manufacturing company. I have 500+ wireless certificates that I use on a regular basis to authenticate my end devices to the wireless network. The CISO is the sole person in the company that has any access to our RADIUS server where I would be able to view my certificates' information without issue. Trying to get information from the CISO is akin to pulling teeth sans medication. I would like to use powershell to extract property data from the certificates such as expiration date, creation date, etc. Is this possible?

    Happy Hunting!

    Friday, September 12, 2014 11:00 AM

Answers

  • The solution I am looking for needs to query certificates that are not installed and just sitting as the .p12 files themselves.


    Happy Hunting!


    That is what I just posted.  Did you look at it?


    ¯\_(ツ)_/¯

    • Marked as answer by Draconus0311 Friday, September 12, 2014 3:52 PM
    Friday, September 12, 2014 2:21 PM

All replies

  • You don't need PowerShell.  Just use "certutil". It can dump all information except the signing key and it can dump a whole store of certs.


    ¯\_(ツ)_/¯

    Friday, September 12, 2014 11:33 AM
  • For the Local store just use this:

    Get-ChildItem cert:\CurrentUser\My | Format-List


    ¯\_(ツ)_/¯

    Friday, September 12, 2014 11:35 AM
  • In order to use these methods, I would first need to install these certs. Correct?

    Happy Hunting!

    Friday, September 12, 2014 12:16 PM
  • In order to use these methods, I would first need to install these certs. Correct?

    Happy Hunting!

    Yes.

    Certutil can read most cert file formats directly.

    You can aslo use the security classes to load certs.  There should be examples in the repository. (Gallery)


    ¯\_(ツ)_/¯

    Friday, September 12, 2014 12:18 PM
  • Simple example for a CER file:

    PS C:\> $filename='c:\temp2\certs\jpd.cer'
    PS C:\> $cert=[System.Security.Cryptography.X509Certificates.X509Certificate2]::CreateFromSignedFile($filename)
    PS C:\scripts> $cert|fl
    
    
    Handle  : 395085680016
    Issuer  : CN=Communications Server
    Subject : CN=XXXXXX@YYYYYY.com
    
    


    ¯\_(ツ)_/¯

    Friday, September 12, 2014 12:36 PM
  • The solution I am looking for needs to query certificates that are not installed and just sitting as the .p12 files themselves.


    Happy Hunting!


    • Edited by Draconus0311 Friday, September 12, 2014 2:15 PM clarification
    Friday, September 12, 2014 2:15 PM
  • The solution I am looking for needs to query certificates that are not installed and just sitting as the .p12 files themselves.


    Happy Hunting!


    That is what I just posted.  Did you look at it?


    ¯\_(ツ)_/¯

    • Marked as answer by Draconus0311 Friday, September 12, 2014 3:52 PM
    Friday, September 12, 2014 2:21 PM
  • Sorry, no I hadn't. Thank you very much!

    Happy Hunting!

    Friday, September 12, 2014 3:53 PM