COMMENTS ARE ALWAYS WELCOMED ON MY POSTS:
For starters there are several methods for working and viewing certificates. These are the steps I took while digging into certs. I’ll try and go over things in a top down fashion so it will be easy to follow along.
When starting in PowerShell and running as administrator the default location is c:\windows\system32. I like changing or creating a temp directory where commands and output can be traced quickly by having all items in one central location. Your PowerShell Profile should be setup to use a different folder as your starting folder. Standard output items could end up in c:\windows\system32 and I’d rather not clutter up that folder with extra output that really should not be in that folder.
(Get-Help about_profiles) is a good starting point when reading about profiles.
Example set your location to use the home path: Set-Location $env:homepath.
Setting your to something different all should be ok. For running my examples I’m going to Set-Location to the PSPATH “CERT”.
You can and should set your default directory in your $Profile
I’m setting location to “CERT” as this is where I want to start out. With out the semicolon at the end of CERT:
you’ll receive an error so just re-enter and add :.
Clear the host that’s more for me at this point so I could have a clean capture. 🙂
Running GET-CHILDITEM shows us the certificate stores located on the machine for the current user and
local machine. You can SET-LOCATION to either CurrentUser or LocalMachine. For now I’ll go with LocalMachine
And, once in CERT:/ SET-LOCATION CurrentUser then run GET-CHILDITEM.
The certmgr screen can be assessed via command line with this command Invoke-item CERT:
There are some differences in appearance but essentially can do the same with both interfaces. In another post I’ll go over the GUI screen.
Switch to the LocalMachine area. SET-LOCATION CERT:\LocalMachine
So, far we’ve setup to begin working with certificates. The following is a listing of commands that can be used
while working with certificates.
For Source you can see that PKI is listed. That’s because we IMPORTED-MODULE PKI
You can also run this command to get a sorted list. (I’m using Source)
GET-COMMAND *CERT* | Sort-Object -Descending Source