我想要一个可以在服务器上运行的工具,它将从已安装的SSL证书中提取并返回指定的属性。我对“发行人”和“指纹”属性特别感兴趣。我知道我可以简单地打开证书的属性对话框并复制它们,然后将它们粘贴到我的应用程序中,但为了避免可能容易出错的手动过程,当其他人在多个站点执行此操作时,我想要一个工具或脚本我可以调用它只是从指定的证书返回指定属性的值。我很好,如果我需要为每个所需的财产单独调用。这个交钥匙越多越好。请问有什么建议吗?
答案 0 :(得分:0)
你想做这样的事情:
Get-ChildItem Cert:\LocalMachine\Root\ | Select Issuer,Thumbprint
以下是您可以从 System.Security.Cryptography.X509Certificates.X509Certificate2 对象(通用证书)轻松获取的属性列表。
Name MemberType Definition
---- ---------- ----------
Archived Property bool Archived {get;set;}
Extensions Property System.Security.Cryptography.X509Certificates.X509ExtensionCollection Extensions {get;}
FriendlyName Property string FriendlyName {get;set;}
Handle Property System.IntPtr Handle {get;}
HasPrivateKey Property bool HasPrivateKey {get;}
Issuer Property string Issuer {get;}
IssuerName Property System.Security.Cryptography.X509Certificates.X500DistinguishedName IssuerName {get;}
NotAfter Property datetime NotAfter {get;}
NotBefore Property datetime NotBefore {get;}
PrivateKey Property System.Security.Cryptography.AsymmetricAlgorithm PrivateKey {get;set;}
PublicKey Property System.Security.Cryptography.X509Certificates.PublicKey PublicKey {get;}
RawData Property byte[] RawData {get;}
SerialNumber Property string SerialNumber {get;}
SignatureAlgorithm Property System.Security.Cryptography.Oid SignatureAlgorithm {get;}
Subject Property string Subject {get;}
SubjectName Property System.Security.Cryptography.X509Certificates.X500DistinguishedName SubjectName {get;}
Thumbprint Property string Thumbprint {get;}
Version Property int Version {get;}
DnsNameList ScriptProperty System.Object DnsNameList {get=,(new-object Microsoft.Powershell.Commands.DnsNameProperty -argumentlist $this).DnsNameList;;}
EnhancedKeyUsageList ScriptProperty System.Object EnhancedKeyUsageList {get=,(new-object Microsoft.Powershell.Commands.EnhancedKeyUsageProperty -argumentlist $this).EnhancedKeyUsageList;;}
SendAsTrustedIssuer ScriptProperty System.Object SendAsTrustedIssuer {get=[Microsoft.Powershell.Commands.SendAsTrustedIssuerProperty]::ReadSendAsTrustedIssuerProperty($this);set=$sendAsTrustedIssuer = $args[0]...