PowerShell - x509证书.获取所有证书

您可以从本地证书驱动器获取它们:

Get-ChildItem Cert:'CurrentUser'CA # user certs
Get-ChildItem Cert:'LocalMachine'CA # machine certs

Get-ChildItem Cert:'LocalMachine'My

如果你已经安装了WinRM，这很有趣，但是要找到所有的证书，更标准的方法是使用像

$store = New-Object System.Security.Cryptography.X509Certificates.X509Store("''$server_name'My","LocalMachine")
$store.Open("ReadOnly")             
$store.Certificates

下面的PowerShell脚本将要求远程计算机的DNS名称，然后它要求Domain Admin凭据，以便它可以连接和查询。生成的$AllCerts变量包含来自每个存储的所有证书。然后，它还将它们导出到$env:temp文件夹中的CSV文件，并在Windows资源管理器中打开该文件夹。

function Get-Cert( $computer=$env:computername ){
    $cred = Get-Credential -Message "Enter credentials for a Domain Admin"
    $ro=[System.Security.Cryptography.X509Certificates.OpenFlags]"ReadOnly"
    $lm=[System.Security.Cryptography.X509Certificates.StoreLocation]"LocalMachine"    
    $Stores = (Invoke-Command $computer {Get-ChildItem cert:'LocalMachine} -Credential $cred).Name
    $AllStores = @()
    foreach ($store in $Stores){
        $AllStores += new-object System.Security.Cryptography.X509Certificates.X509Store("''$computer'$store",$lm)
    }
    $AllStores.Open($ro)
    $AllStores.Certificates
}
write-host "Enter remote computer to poll certificate information from" -ForegroundColor Cyan
$remoteComputer = read-host
$AllCerts = Get-Cert $remoteComputer
$AllCerts = $AllCerts | Select Subject,Issuer,Thumbprint,NotBefore,NotAfter
$AllCerts | Where-Object {$_.NotAfter -lt (Get-Date)} | format-list 
$AllCerts | export-csv -NoTypeInformation $env:temp'$($remoteComputer)_AllCerts.csv
start $env:temp

奇妙的脚本，我有问题与它的命名，可以很容易地我，但改变了这个，非常满意的输出，谢谢!来自:

$AllCerts | export-csv -NoTypeInformation $env:temp'$($remoteComputer)_AllCerts.csv
start $env:temp
To:
$AllCerts | export-csv c:'temp'AllCerts.csv -NoTypeInformation