Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
All right, we know that we can access a remote computer's various X509Certificate stores via .NET, and 'My' corresponds to "Local Computer\Personal\Certificates". What are the other names?
https://msdn.microsoft.com/en-us/library/system.security.cryptography.x509certificates.storename.aspx
That gives us the details, but on some of my lab boxes, some of it didn't work. Specifically, I couldn't pull the Intermediate Certification Authorities list.
Per the above, that's the 'CertificateAuthority' X509Certificate store. In fact, we can enumerate the StoreName enum as follows
[Enum]::GetNames([System.Security.Cryptography.X509Certificates.Storename])
So, it says 'CertificateAuthority' all right. And it doesn't work with my box, all right. So, what to do?
Get-ChildItem cert:\LocalMachine | % { $_.Name }
That works for the local box. How about for my remote box? PSRemoting to the rescue.
Invoke-Command -ComputerName $ComputerName -ScriptBlock { Get-ChildItem cert:\LocalMachine | % { $_.Name } }
Comments
- Anonymous
December 05, 2013
Hey !! I am so interesting in this, do you have some more code or simple regarding this, I am implementng a XML signer using Smart card digital cerificiate, but I need to sign the XML with the certificate in the user computer from my website, so far I have no clue have to do it, if I need Access the usb port from the web site or I just need to acess the remote store certificates. I appreciate any help on this, Andres