获取SSL证书'颁发给'

thigvfpy  于 2022-11-14  发布在  其他
关注(0)|答案(5)|浏览(153)

我想知道如何获取本地计算机SSL证书Issued to字段值。我使用此命令显示所有SSL证书信息,但它没有显示Issued To字段
GET-CHILDITEM -Path 'Cert:\LocalMachine\' –RECURSE | FORMAT-LIST –PROPERTY *

fnatzsnv

fnatzsnv1#

这是否回答了您的问题?

gci Cert:\LocalMachine\my| select -expandp dnsnamelist

享受-汤姆

myss37ts

myss37ts2#

使用Subject属性。

Get-ChildItem -Path 'Cert:\LocalMachine\' -Recurse | Format-List -Property Subject
h79rfbju

h79rfbju3#

IssuedTo字段似乎是由certmgr.msc基于Subject字段动态生成的。
根据我在计算机上安装的证书,我得到的最接近的结果如下:

$CertsDetail = Get-ChildItem -Path 'Cert:\LocalMachine\' –Recurse
$CertsDetail | select @{n="IssuedTo";e={(($_.Subject -split ",") |? {$_ -like "CN=*"}) -replace "CN="}}

我所做的是使用calculated属性来找到Subject中的第一个CN=部分,然后删除那个CN=部分。当然,这并没有涵盖所有可能的情况,但您可以将其作为起点。

xghobddn

xghobddn4#

您可以尝试从Issuer字段解析它们:

Get-ChildItem -Path 'Cert:\LocalMachine\' -Recurse |                                            #'# dummy comment to correct code-highlighting in SO
    Where-Object { !$_.PsIsContainer } | 
    ForEach-Object {
        # get at most two parts out of the $_.Issuer string
        $issuer = '{0}, {1}' -f ([regex] 'O=([^,]+)').Match($_.Issuer).Groups[1].Value, 
                                ([regex] 'CN=([^,]+)').Match($_.Issuer).Groups[1].Value
        [PSCustomObject]@{
            FriendlyName = $_.FriendlyName
            Issuer       = $issuer.Trim(', "')
            Subject      = $_.Subject
        }
    } | Format-List

在我的计算机上,它返回如下内容:

FriendlyName : Sectigo
Issuer       : The USERTRUST Network, USERTrust RSA Certification Authority
Subject      : CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, S=New Jersey, C=US

FriendlyName : Go Daddy Class 2 Certification Authority
Issuer       : The Go Daddy Group
Subject      : OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US

FriendlyName : VeriSign
Issuer       : VeriSign
Subject      : OU=VeriSign Commercial Software Publishers CA, O="VeriSign, Inc.", L=Internet
vuktfyat

vuktfyat5#

我使用@Theo的示例为那些要求使用certlm.msc UI视图工具进行交叉检查的用户制作了类似的工具。

Get-ChildItem -Path 'Cert:\LocalMachine\' -Recurse |
    Where-Object { !$_.PsIsContainer } | 
    ForEach-Object {

        # use the same fields as certlm.msc
        $issuer = '{0}' -f ([regex] 'CN=([^,]+)').Match($_.Issuer).Groups[1].Value
        $subject = '{0}' -f ([regex] 'CN=([^,]+)').Match($_.Subject).Groups[1].Value

        [PSCustomObject]@{
            Store        = $_.PSParentPath.SubString($_.PSParentPath.IndexOf("::")+2)
            IssuedTo      = $subject.Trim(', "') #$_.Subject
            IssuedBy       = $issuer.Trim(', "')
            Expires      = $_.NotAfter
            PrivateKey      = $_.HasPrivateKey
            Exportable     = $_.PrivateKey.CspKeyContainerInfo.Exportable
            Thumb        = $_.Thumbprint
        }
    } | Sort-Object -Property Store, IssuedTo | FT -AutoSize

相关问题