PowerShell - Get-Credential and certificates

Article
09/16/2017

Matthew Bongiovi had a discussion on Get-Credential and how it works. So useful, that I thought I'd cut/paste it here so that you and I can refer to it in future! See below:

The Get-Credential cmdlet generates the prompt using the CredUIPromptForCredentials function. The documentation for that function says:

“In the case of credentials other than UserName/Password, a marshaled format of the credential can be passed in. This string is created by calling CredMarshalCredential.”

For me, this is actually exactly what I want. However, for someone else looking to then decode that UserName string in the PSCredential, they can reverse the marshalling of that string into its struct, which is the CERT_CREDENTIAL_INFO struct. From that, they could collect the SHA-1 hash of the certificate.

Thanks,

Matt

SAMPLE CODE AT: https://github.com/bongiovimatthew-microsoft/pscredentialWithCert

PS. Matt has now blogged this in detail!
https://blogs.technet.microsoft.com/heyscriptingguy/2017/12/15/powershell-support-for-certificate-credentials/

PowerShell - Get-Credential and certificates

Additional resources