PS cmd to see if a Specific IE Certificate is Installed on a Remote Computer

Is there a PowerShell command similar to either one listed below that will show me if a specific "Trusted Root Certification Authorities" certificate is installed in IE on a remote computer, listed by its "Issued To" or "Friendly name"?

Get-ChildItem -computername RemoteComputer -Path Cert:\LocalMachine\TrustedPublisher | Where-Object {$_.Issuedto -eq "?Friendly Name of Cert"}

invoke-command -computername RemoteComputer  {Get-ChildItem -path cert: -Recurse | where { $_.Subject -like "*Name of Cert*" }}
ei00004 (Network Administrator) Asked:

oBdA Commented:
Try it with this first, this will output the certificate list in a GUI table. You can check how the one you want to look for actually appears.
Then replace the Out-GridView at the end with the Where-clause of your choice.
Invoke-Command -ComputerName RemoteComputer -ScriptBlock {
	$Pattern = '\A.*?=\s*(?:"(?<Name>.*?)"|(?<Name>[^"].*?))\s*(,.*|\Z)'
	Get-ChildItem CERT:\ -Recurse |
		Where-Object {-not $_.PSIsContainer} |
		Select-Object PSPath, FriendlyName, @{n='IssuedTo'; e={$_.Subject -replace $Pattern, '${Name}'}}, @{n='IssuedBy'; e={$_.Issuer -replace $Pattern, '${Name}'}}, Subject
} | Out-GridView

ei00004 (Network Administrator, Author) Commented:
oBdA, thanks for the script. After configuring WinRM on the test computer and first running this script, I got the error message below:

The system cannot open the device or file specified.
    + CategoryInfo          : NotSpecified: (:) [Get-ChildItem], CryptographicException
    + FullyQualifiedErrorId : System.Security.Cryptography.CryptographicException,Microsoft.PowerShell.Commands.GetChi
   ldItemCommand
    + PSComputerName        : TestComputer

After changing this "Get-ChildItem CERT:\ -Recurse"
To this: Get-ChildItem -Path Cert:\LocalMachine\TrustedPublisher -Recurse

I now get the TrustedPublisher certs displayed. What do I need to replace "TrustedPublisher" with in order to get "Trusted Root Certification Authorities" displayed?

ei00004 (Network Administrator, Author) Commented:
Ok I replaced "Cert:\LocalMachine\TrustedPublisher " with "Cert:\LocalMachine\CA" and I now can display some of the "Trusted Root Certification Authorities"  certificates, but not all of them. Any reason this would not list all certs in "Trusted Root Certification Authorities"?

oBdA Commented:
Because "CA" are the intermediate CAs.
Try Cert:\LocalMachine\Root, or just Cert:\LocalMachine.

ei00004 (Network Administrator, Author) Commented:
Cert:\LocalMachine displays a lot more certs, but I'm still not able to see the specific certs I'm looking for. When I look at the specific certificate in Internet Explorer > Internet options, the "Friendly Name" column shows <None>. If I change "Select-Object PSPath, FriendlyName" to "Select-Object PSPath, IssuedTO", the script errors.

ei00004 (Network Administrator, Author) Commented:
oBdA - If it's not already then could you please update your script to query for "IssuedTO" instead of the FriendlyName?

oBdA Commented:
It already does that, that's what the calculated property is for.
Use it exactly as posted (except for the computer name, obviously), and use Out-GridView's integrated filter to find the certificate you're looking for.
Invoke-Command -ComputerName RemoteComputer -ScriptBlock {
	$Pattern = '\A.*?=\s*(?:"(?<Name>.*?)"|(?<Name>[^"].*?))\s*(,.*|\Z)'
	Get-ChildItem CERT:\LocalMachine -Recurse |
		Where-Object {-not $_.PSIsContainer} |
		Select-Object PSPath, FriendlyName, @{n='IssuedTo'; e={$_.Subject -replace $Pattern, '${Name}'}}, @{n='IssuedBy'; e={$_.Issuer -replace $Pattern, '${Name}'}}, Subject
} | Out-GridView

ei00004 (Network Administrator, Author) Commented:
Ok, that works. The cert name I was looking for is actually displayed in the "Subject" field instead of the "Issued to" field the way it is shown in Internet options > Contents > Certificates. Instead of having to run a script for each machine I want to check and filtering the output, is there just a one-line PS command to remotely show me if that cert exists on a remote computer?
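
The check discussed in this thread, as an added example that is not from any participant: the hypothetical function Test-RemoteCertificate looks in Cert:\LocalMachine\Root on each listed computer for certificates whose Subject matches a wildcard, and reports a host that could not be queried separately from a host where the certificate is absent. The function name, computer names and subject pattern are assumptions; WinRM must already be configured on the targets, as it was earlier in the thread.

```powershell
# Added example (hypothetical function name): query several computers at once.
function Test-RemoteCertificate {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string[]] $ComputerName,
        [Parameter(Mandatory)] [string]   $SubjectLike,  # wildcard matched against Subject
        [string] $StoreName = 'Root'   # Root = Trusted Root Certification Authorities
    )

    # Runs on the remote computer; returns only the fields needed for the report.
    $scriptBlock = {
        param($SubjectLike, $StoreName)
        Get-ChildItem -Path "Cert:\LocalMachine\$StoreName" |
            Where-Object { $_.Subject -like $SubjectLike } |
            Select-Object Subject, Thumbprint, NotAfter
    }

    foreach ($computer in $ComputerName) {
        $row = [ordered]@{ ComputerName = $computer; Found = $null; Subject = $null
                           Thumbprint = $null; NotAfter = $null; Error = $null }
        try {
            $invoke = @{ ComputerName = $computer; ScriptBlock = $scriptBlock
                         ArgumentList = $SubjectLike, $StoreName; ErrorAction = 'Stop' }
            $hits = @(Invoke-Command @invoke)

            if ($hits.Count -eq 0) { $row.Found = $false; [pscustomobject]$row }
            foreach ($hit in $hits) {
                # One output row per matching certificate.
                $row.Found      = $true
                $row.Subject    = $hit.Subject
                $row.Thumbprint = $hit.Thumbprint
                $row.NotAfter   = $hit.NotAfter
                [pscustomobject]$row
            }
        }
        catch {
            # Unreachable host or a WinRM/store error: Found stays $null, not $false.
            $row.Error = $_.Exception.Message
            [pscustomobject]$row
        }
    }
}

# Constructed placeholder values; substitute real host names and Subject text.
Test-RemoteCertificate -ComputerName 'RemoteComputer1', 'RemoteComputer2' -SubjectLike '*Name of Cert*' |
    Format-Table -AutoSize
```

Subject text is not unique to one certificate, so when the question is whether a particular root is trusted, compare the returned Thumbprint against the value from a known-good copy of that certificate.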