Instantiate Microsoft Certificate Authority management interface using powershell

Microsoft’s Certificate Authority management interface as mentioned in http://msdn.microsoft.com/en-us/library/aa383234(VS.85).aspx is implemented in certadm.dll. certadm.dll does not ship by default on client system and is part of admin pack (or called Remote Server Administration tools http://www.microsoft.com/downloads/details.aspx?FamilyId=9FF6E897-23CE-4A36-B7FC-D52065DE9960&displaylang=en) that can be installed on the client system. Once installed, you can quickly test the interface using powershell with this sample…

0

Generating a certificate (self-signed) using powershell and CertEnroll interfaces

In this article I will explore using the certenroll interfaces to create certificates for testing/local usage. To scope the discussion, we would look at various options exposed via makecert.exe tool (http://msdn.microsoft.com/en-us/library/aa386968(VS.85).aspx .  We will start by looking at a sample powershell script that creates a self-signed machine certificate that has “server auth” eku: $name = new-object -com “X509Enrollment.CX500DistinguishedName.1″$name.Encode(“CN=TestServer”, 0) $key…

9

Adding certificates for a serialized store (sst) file to an actual physical store

In my previous post I used the CMS type to open a PKCS7. Apparently X509Certificate2Collection Import method can also be used to open up a PKCS7. This would be far more simpler then using CMS. Additionally, you might be asked to add the certificates you obtained from PKCS7 file or a serialized store (sst) file to an…

1

PKCS7 (p7b) bag of certificates and powershell

Recently I was asked how to extract the certificates within a PKCS7 (p7b) files using powershell. After a little research the following seems to work fine: [reflection.assembly]::LoadWithPartialName(“System.Security”)$data = [System.IO.File]::ReadAllBytes(“certificates.p7b”)$cms = new-object system.security.cryptography.pkcs.signedcms$cms.Decode($data)$cms.Certificates | foreach {New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $_} | echo  

2