我正在尝试使用以下代码获取受密码保护的pfx文件的指纹:
function Get-CertificateThumbprint {
#
# This will return a certificate thumbprint, null if the file isn't found or throw an exception.
#
param (
[parameter(Mandatory = $true)][string] $CertificatePath,
[parameter(Mandatory = $false)][string] $CertificatePassword
)
try {
if (!(Test-Path $CertificatePath)) {
return $null;
}
if ($CertificatePassword) {
$sSecStrPassword = ConvertTo-SecureString -String $CertificatePassword -Force –AsPlainText
}
$certificateObject = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
$certificateObject.Import($CertificatePath, $sSecStrPassword);
return $certificateObject.Thumbprint
} catch [Exception] {
#
# Catch accounts already added.
throw $_;
}
}
当我运行它时,我收到此错误:
Cannot find an overload for "Import" and the argument count: "2".
At C:\temp\test.ps1:36 char:9
+ $certificateObject.Import($CertificatePath, $sSecStrPassword);
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [], MethodException
+ FullyQualifiedErrorId : MethodCountCouldNotFindBest
有人可以帮我解决这个问题吗?
全部谢谢。 : - )
答案 0 :(得分:30)
根据this SuperUser response,在PS 3.0中有Get-PfxCertificate command来做到这一点:
Get-PfxCertificate -FilePath Certificate.pfx
答案 1 :(得分:10)
你可以这样做
$certificateObject = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
$certificateObject.Import($CertificatePath, $sSecStrPassword, [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::DefaultKeySet)
return $certificateObject.Thumbprint
请记住设置这两个变量:$ CertificatePath和$ sSecStrPassword
答案 2 :(得分:4)
PowerShell错误消息是正确的。没有重载需要两个参数。根据您使用的参数,我认为您需要overload that requires a third parameter - 枚举 - X509KeyStorageFlags,例如
$certificateObject.Import($CertificatePath, $sSecStrPassword, [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::DefaultKeySet)
答案 3 :(得分:2)
这是我用来读取文件中证书的指纹而无需在Windows PowerShell 5.1上导入文件的情况:
$Thumbprint = (Get-PfxData -Password $MyPFXCertificatePwdSecureString -FilePath $CertificateFilePath).EndEntityCertificates.Thumbprint
有关Get-PfxData的更多信息,可以在这里找到: https://docs.microsoft.com/en-us/powershell/module/pkiclient/get-pfxdata
答案 4 :(得分:1)
仅供参考,看起来像Get-PfxCertificate将添加在powershell 6.0中传递密码的功能。
答案 5 :(得分:1)
感谢您的回答:Is there a command line utility to extract the certificate thumbprint? 我能够得出以下效果很好的单线纸:
int[] ids;
using(var db = new ApplicationDbContext())
{
// query to surface id's of records representing work to be done
ids = GetIdsOfRecordsRepresentingSomeTask(db);
}
Parallel.ForEach(ids, id => {
using(var db = new ApplicationDbContext())
{
var processor = new SomeTaskProcessor(db, id);
processor.ExecuteLongRunningProcessThatReadsDbAndCreatesSomeNewRecords();
db.SaveChanges();
}
});
如果PFX受密码保护,则
$thumbprint = (certutil -split -dump .\cert.pfx | findstr /c:"Cert Hash(sha1)").Substring(17)[-1]
从技术上讲,它不是纯Powershell,因为它会调用certutil.exe,但是应该在每个Windows系统上都可以,因此可以正常工作。
答案 6 :(得分:0)
如果在powershell中遇到路径错误,请使用以下脚本:
$sSecStrPassword = "Come up with something secure!";
$FilePath = "c:\a\"
$FileName = "mycert"
$FileType = ".pfx"
$certificateObject = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
$certificateObject.Import($FilePath+$FileName+$FileType, $sSecStrPassword, [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::DefaultKeySet)
return $certificateObject.Thumbprint