Skip to main content

Installing Certificates on Windows

Using PowerShell to install into the Local Computer store

This can only be done with elevated privileges.

Import-Certificate -CertStoreLocation Cert:\LocalMachine\Root -FilePath cert.crt

Viewing certificate store contents

Get-ChildItem Cert:\LocalMachine\My | Sort-Object -Property Subject
Get-ChildItem Cert:\LocalMachine\Root | Sort-Object -Property Subject
Get-ChildItem Cert:\LocalMachine\TrustedPublisher | Sort-Object -Property Subject
Get-ChildItem Cert:\CurrentUser\My | Sort-Object -Property Subject
Get-ChildItem Cert:\CurrentUser\Root | Sort-Object -Property Subject
Get-ChildItem Cert:\CurrentUser\TrustedPublisher | Sort-Object -Property Subject

Viewing cert information from extensions

# Show all relevant local computer certificate information

Get-ChildItem Cert:\LocalMachine\My |
ForEach-Object {
    $sanExtension = $_.Extensions |
        Where-Object { $_.Oid.Value -eq '2.5.29.17' }

    if ($sanExtension) {
        [PSCustomObject]@{
            Subject        = $_.Subject
            IssuingCA      = $_.Issuer
            Thumbprint     = $_.Thumbprint
            NotBefore      = $_.NotBefore
            NotAfter       = $_.NotAfter
            DnsNames       = ($_.DnsNameList -join ', ')
        }
    }
}

end

Back to top