Trying to get Signing Algorithm for Personal Store Certificates

This topic contains 4 replies, has 4 voices, and was last updated by  Brad 1 month ago.

  • Author
    Posts
  • #89542

    Martin
    Participant

    Hi all,

    I have a reasonably straightforward script which provides me with various Certificate items based on using the 'Get-Child-Item -Recurse' CMDLET within a scriptblock from a list of servers, this has been working fine for my needs until I recently have been asked to provide the hash algorithm of these certificates I.E. SHa1, SHA2 etc.

    I have looked into the SignatureAlgorithm.FriendlyName object to return this but unfortunately it does not seem to work 🙁

    Even from a server if I change to the Certificate provider and attempt to get the algorithm info as below here is what I receive:

    PS Cert:\LocalMachine> gci -Recurse | Select -Property SignatureAlgorithm

    SignatureAlgorithm
    ——————
    System.Security.Cryptography.Oid

    I have truncated the results but obviously there is no hash value being displayed 🙁

    Also, if I use the following 'signature.algorithm.friendlyname' then no results get displayed at all ??

    PS Cert:\LocalMachine> gci -Recurse | Select -Property SignatureAlgorithm.friendlyname

    SignatureAlgorithm.friendlyname
    ——————————-

    Please help?

    Many thanks in advance.

  • #89543

    Jon
    Participant
  • #89548

    Sam Boutros
    Participant
    $CertList = Get-ChildItem -Path Cert:\LocalMachine -Recurse | ? { $_.SignatureAlgorithm } 
    $CertList | select @{n='Algorithm';e={$_.SignatureAlgorithm.FriendlyName}},Subject
    
  • #89642

    Martin
    Participant

    Thanks for your help guys,
    Sam, I used the second line of your suggested code which provided the signature algorithm value per certificate in conjunction with my other values per certificate per server adding it into my overall exported csv file.
    However, do you know of any documentation which will fully explain the syntax for this will help me fully understand?

    Many thanks for your help guys.

  • #89644

    Brad
    Participant

    Hi Sam,

    very good script
    how i can find certificate that will be expaired next month

    Thanks

You must be logged in to reply to this topic.