straynor
asked on
VBScript - check for presence of computer certificate
Hi all,
I am about to deploy a VPN client to our workstations that require remote access to our network.
I would like to have a little vbscript\hta\program that the helpdesk guys can run on a PC that will check for the presence of a computer certificate from our enterprise CA in the local computer store, and a registry value. Basically to save them having to click into the mmc and regedit, they can run the program and get a couple of green ticks\red x's.
I know the registry check is very easy, but I do not know if it is possible to check the local machine's Computer store for a certificate issued from our CA.
I have looked at the certutil.exe tool from the resource kit but while it is cearly comprehensive, i'm not sure if it will do what i want.
Any advice\experience with this?
Many thanks.
I am about to deploy a VPN client to our workstations that require remote access to our network.
I would like to have a little vbscript\hta\program that the helpdesk guys can run on a PC that will check for the presence of a computer certificate from our enterprise CA in the local computer store, and a registry value. Basically to save them having to click into the mmc and regedit, they can run the program and get a couple of green ticks\red x's.
I know the registry check is very easy, but I do not know if it is possible to check the local machine's Computer store for a certificate issued from our CA.
I have looked at the certutil.exe tool from the resource kit but while it is cearly comprehensive, i'm not sure if it will do what i want.
Any advice\experience with this?
Many thanks.
ASKER
Hi Rob,
Yes it does show the details on the relevant certificate, thanks.
Now to programmatically check it.
If i were to run that command from a shell, pipe the output to a txt file and then search the text file for the computer's hostname, i could get a yes/no. Any better ideas?
Thanks.
Yes it does show the details on the relevant certificate, thanks.
Now to programmatically check it.
If i were to run that command from a shell, pipe the output to a txt file and then search the text file for the computer's hostname, i could get a yes/no. Any better ideas?
Thanks.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
certutil -store -v my
do you get the certificate information you are after?
Rob.