【问题标题】:How can I export the root and intermediate signing certificates from a certificate file via PowerShell?如何通过 PowerShell 从证书文件中导出根和中间签名证书?
【发布时间】:2021-05-08 04:01:24
【问题描述】:

使用 PowerShell;我需要获取一个证书文件 (.cer/.crt),并将中间和根签名证书文件导出到同一目录。我能做的最多的是获得证书颁发者名称(中间 CA)。如何利用 PowerShell 确定中间和根签名 CA 并保存这些证书?

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 D:\Netscaler_Certificates\example.2021.cer
$cert.IssuerName

给我:

Name                                   Oid                                RawData            
----                                   ---                                -------            
CN=Subordinate CA, DC=domain, DC=com   System.Security.Cryptography.Oid   {48, 99, 49...}

【问题讨论】:

    标签: powershell ssl ssl-certificate x509certificate2


    【解决方案1】:

    您需要构建证书链,然后导出链元素:

    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 D:\Netscaler_Certificates\example.2021.cer
    $chain = new-object security.cryptography.x509certificates.x509chain
    [void]$chain.Build($cert)
    $chain.ChainElements | %{
        sc -path .\$($_.Certificate.GetNameInfo("dnsName",$false)).cer -value $_.Certificate.RawData -encoding byte
    }
    

    【讨论】:

      【解决方案2】:

      ....并“托管”您刚刚从上一个答案导出的证书,下一行可能是:

      (($chain.ChainElements.Certificate.Subject | Select-Object -Skip 1) -Replace ", .*").trimstart("CN=")
      

      【讨论】:

        猜你喜欢
        • 2018-06-08
        • 1970-01-01
        • 2019-11-14
        • 1970-01-01
        • 2017-09-05
        • 1970-01-01
        • 1970-01-01
        • 2015-04-29
        • 1970-01-01
        相关资源
        最近更新 更多