update cert helper functions
This commit is contained in:
parent
006b9b6b5f
commit
36b4ee31bb
81
src/Certificate/Get-CSCertificate.ps1
Normal file
81
src/Certificate/Get-CSCertificate.ps1
Normal file
@ -0,0 +1,81 @@
|
||||
function Get-CSCertificate {
|
||||
<#
|
||||
.SYNOPSIS
|
||||
Returns the certificate object given by thumbprint.
|
||||
|
||||
.DESCRIPTION
|
||||
You can use this function to get a stored certificate. Search for the object by its unique thumbprint.
|
||||
|
||||
.PARAMETER Thumbprint
|
||||
Provide one or more thumprints.
|
||||
|
||||
.PARAMETER StoreName
|
||||
Select the store name in which you want to search the certificates.
|
||||
|
||||
.PARAMETER StoreLocation
|
||||
Select between the both available locations CurrentUser odr LocalMachine.
|
||||
|
||||
.INPUTS
|
||||
[string]
|
||||
|
||||
.OUTPUTS
|
||||
[System.Security.Cryptography.X509Certificates.X509Certificate2[]]
|
||||
|
||||
.EXAMPLE
|
||||
Get-CSCertificate -Thumbprint '12345678' -StoreName 'My' -StoreLocation 'CurrentUser'
|
||||
|
||||
.NOTES
|
||||
File Name : Get-CSCertificate.ps1
|
||||
Author : Marco Blessing - marco.blessing@googlemail.com
|
||||
Requires :
|
||||
|
||||
.LINK
|
||||
https://github.com/OCram85/PSCredentialStore
|
||||
#>
|
||||
[CmdletBinding()]
|
||||
[OutputType([System.Security.Cryptography.X509Certificates.X509Certificate2])]
|
||||
param(
|
||||
[Parameter(Mandatory = $true, ValueFromPipeline = $true)]
|
||||
[ValidateNotNullOrEmpty()]
|
||||
[string[]]$Thumbprint,
|
||||
|
||||
[Parameter(Mandatory = $false)]
|
||||
[ValidateSet(
|
||||
'AddressBook',
|
||||
'AuthRoot',
|
||||
'CertificateAuthority',
|
||||
'Disallowed',
|
||||
'My',
|
||||
'Root',
|
||||
'TrustedPeople',
|
||||
'TrustedPublisher'
|
||||
)]
|
||||
[string]$StoreName = 'My',
|
||||
|
||||
[Parameter(Mandatory = $false)]
|
||||
[ValidateSet(
|
||||
'CurrentUser',
|
||||
'LocalMachine'
|
||||
)]
|
||||
[string]$StoreLocation = 'CurrentUser'
|
||||
)
|
||||
|
||||
begin {
|
||||
$Store = [System.Security.Cryptography.X509Certificates.X509Store]::New($StoreName, $StoreLocation)
|
||||
try {
|
||||
$Store.Open('ReadOnly')
|
||||
}
|
||||
catch {
|
||||
$_.Exception.Message | Write-Error -ErrorAction Stop
|
||||
}
|
||||
}
|
||||
|
||||
process {
|
||||
foreach ($Thumb in $Thumbprint) {
|
||||
Write-Output $Store.Certificates | Where-Object { $_.Thumbprint -eq $Thumb }
|
||||
}
|
||||
}
|
||||
end {
|
||||
$Store.Close()
|
||||
}
|
||||
}
|
@ -12,7 +12,7 @@ function Import-CSCertificate {
|
||||
Path to an existing *.pfx certificate file.
|
||||
|
||||
.PARAMETER StoreName
|
||||
Additionally you change change the store where you want the certificate into
|
||||
Additionally you change change the store where you want the certificate into.
|
||||
|
||||
.INPUTS
|
||||
[None]
|
||||
@ -39,7 +39,6 @@ function Import-CSCertificate {
|
||||
[string]$Path,
|
||||
|
||||
[Parameter(Mandatory = $false)]
|
||||
[ValidateNotNullOrEmpty()]
|
||||
[ValidateSet(
|
||||
'AddressBook',
|
||||
'AuthRoot',
|
||||
@ -50,16 +49,52 @@ function Import-CSCertificate {
|
||||
'TrustedPeople',
|
||||
'TrustedPublisher'
|
||||
)]
|
||||
[string]$StoreName = 'My'
|
||||
[string]$StoreName = 'My',
|
||||
|
||||
[Parameter(Mandatory = $false)]
|
||||
[ValidateSet(
|
||||
'CurrentUser',
|
||||
'LocalMachine'
|
||||
)]
|
||||
[string]$StoreLocation = 'CurrentUser',
|
||||
|
||||
[Parameter(Mandatory = $false)]
|
||||
[ValidateSet(
|
||||
'ReadOnly',
|
||||
'ReadWrite',
|
||||
'MaxAllowed',
|
||||
'OpenExistingOnly',
|
||||
'InclueArchived'
|
||||
)]
|
||||
[string]$OpenFlags = 'ReadWrite'
|
||||
)
|
||||
begin {
|
||||
$Store = [System.Security.Cryptography.X509Certificates.X509Store]::new('My')
|
||||
$Store.Open('ReadWrite')
|
||||
$Store = [System.Security.Cryptography.X509Certificates.X509Store]::new($StoreName, $StoreLocation)
|
||||
try {
|
||||
$Store.Open($OpenFlags)
|
||||
}
|
||||
catch {
|
||||
$_.Exception.Message | Write-Error -ErrorAction Stop
|
||||
}
|
||||
}
|
||||
process {
|
||||
try {
|
||||
$cert = Get-PfxCertificate -FilePath $Path -ErrorAction Stop
|
||||
$Store.Add($cert)
|
||||
$cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new()
|
||||
$cert.Import(
|
||||
$Path,
|
||||
$null,
|
||||
(
|
||||
[System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::Exportable -bor
|
||||
[System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::PersistKeySet
|
||||
)
|
||||
)
|
||||
|
||||
if (Test-CSCertificate -Thumbprint $cert.Thumbprint) {
|
||||
Write-Warning -Message ('The certificate with thumbprint {0} is already present!' -f $cert.Thumbprint)
|
||||
}
|
||||
else {
|
||||
$Store.Add($cert)
|
||||
}
|
||||
}
|
||||
catch {
|
||||
$_.Exception.Message | Write-Error
|
86
src/Certificate/Test-CSCertificate.ps1
Normal file
86
src/Certificate/Test-CSCertificate.ps1
Normal file
@ -0,0 +1,86 @@
|
||||
function Test-CSCertificate {
|
||||
<#
|
||||
.SYNOPSIS
|
||||
Tests if the given certificate exists in a store.
|
||||
|
||||
.DESCRIPTION
|
||||
Use this function to ensure if a certificate is already imported into a given store.
|
||||
|
||||
.PARAMETER Thumbprint
|
||||
Provide one or more thumprints.
|
||||
|
||||
.PARAMETER StoreName
|
||||
Select the store name in which you want to search the certificates.
|
||||
|
||||
.PARAMETER StoreLocation
|
||||
Select between the both available locations CurrentUser odr LocalMachine.
|
||||
|
||||
.INPUTS
|
||||
[None]
|
||||
|
||||
.OUTPUTS
|
||||
[bool]
|
||||
|
||||
.EXAMPLE
|
||||
Test-CSCertificate -Thumbprint '12345678' -StoreName 'My' -StoreLocation 'CurrentUser'
|
||||
|
||||
.NOTES
|
||||
File Name : Test-CSCertificate.ps1
|
||||
Author : Marco Blessing - marco.blessing@googlemail.com
|
||||
Requires :
|
||||
|
||||
.LINK
|
||||
https://github.com/OCram85/PSCredentialStore
|
||||
#>
|
||||
[CmdletBinding()]
|
||||
[OutputType([bool])]
|
||||
param(
|
||||
[Parameter(Mandatory = $true, ValueFromPipeline = $true)]
|
||||
[ValidateNotNullOrEmpty()]
|
||||
[string]$Thumbprint,
|
||||
|
||||
[Parameter(Mandatory = $false)]
|
||||
[ValidateSet(
|
||||
'AddressBook',
|
||||
'AuthRoot',
|
||||
'CertificateAuthority',
|
||||
'Disallowed',
|
||||
'My',
|
||||
'Root',
|
||||
'TrustedPeople',
|
||||
'TrustedPublisher'
|
||||
)]
|
||||
[string]$StoreName = 'My',
|
||||
|
||||
[Parameter(Mandatory = $false)]
|
||||
[ValidateSet(
|
||||
'CurrentUser',
|
||||
'LocalMachine'
|
||||
)]
|
||||
[string]$StoreLocation = 'CurrentUser'
|
||||
)
|
||||
|
||||
begin {
|
||||
$Store = [System.Security.Cryptography.X509Certificates.X509Store]::New($StoreName, $StoreLocation)
|
||||
try {
|
||||
$Store.Open('ReadOnly')
|
||||
}
|
||||
catch {
|
||||
$_.Exception.Message | Write-Error -ErrorAction Stop
|
||||
}
|
||||
}
|
||||
|
||||
process {
|
||||
$Cert = $Store.Certificates | Where-Object { $_.Thumbprint -eq $Thumb }
|
||||
|
||||
if ($null -eq $Cert) {
|
||||
return $false
|
||||
}
|
||||
else {
|
||||
return $true
|
||||
}
|
||||
}
|
||||
end {
|
||||
$Store.Close()
|
||||
}
|
||||
}
|
Loading…
Reference in New Issue
Block a user