What is the point of the X509Store Constructor (String)?

回眸只為那壹抹淺笑 submitted on 2019-12-13 16:23:23

Question


It seems as though you can set up a valid X509Store object based on any string, e.g.

$store = New-Object System.Security.Cryptography.X509Certificates.X509Store("abcdef")

I originally was using

 $store = New-Object System.Security.Cryptography.X509Certificates.X509Store("Cert:\CurrentUser\My")

thinking I had a valid object for the My store, however I kept getting an exception when calling:

$store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::MaxAllowed) #Exception calling "Open" with "1" argument(s): "The parameter is incorrect.

Is the string meant to be in a certain format?

EDIT: It seems as though the string can be anything, as long as there are no slashes. So I need to use $store = New-Object System.Security.Cryptography.X509Certificates.X509Store("My").


Answer 1:


After consulting the MSDN X509Store Class documentation, here is the gist of my understanding of it.

There are a number of constructors for X509Store Class. After defining an instance of the class, this can then be opened using the Open method.

If the instance points to a valid StoreName in a valid StoreLocation, the Open method will open a certificate store. The Open method can also create a new store based on the flags [System.Security.Cryptography.X509Certificates.OpenFlags] used, if the StoreLocation is correct.

If the store instance is not defined correctly, the Open method will generate a System.ArgumentException.

Valid StoreLocation values are

  • CurrentUser
  • LocalMachine

and valid StoreName values are

  • AddressBook
  • AuthRoot
  • CertificateAuthority
  • Disallowed
  • My
  • Root
  • TrustedPeople
  • TrustedPublisher.

This is what MSDN has to say about the (String) constructor.

"Use this constructor to create an X509Store object using a particular X.509 store name for the current user. To create a new store, specify a name that does not exist. A new store will be created with that name."

So this code should create a new certificate store in "CurrentUser" called "abcdef".

$store = New-Object System.Security.Cryptography.X509Certificates.X509Store("abcdef")
$openFlags = [System.Security.Cryptography.X509Certificates.OpenFlags]::MaxAllowed
$store.Open($openFlags)

It can be verified using MMC.

So, in conclusion, store constructor parameters "StoreName" and "String" are interchangeable. Semantically "StoreName" is used in reference to predefined values and "String" can refer to any value.
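
One way to avoid both pitfalls from this thread (passing a Cert: provider path to the constructor, and getting a new store created from a mistyped name), as an added example that is not part of the original question or answer. The function name Open-ExistingCertStore is hypothetical; it splits a provider path into a StoreLocation and a store name, and opens with OpenExistingOnly so that a store that does not exist raises an error.

```powershell
# Added example; Open-ExistingCertStore is a hypothetical helper name.
function Open-ExistingCertStore {
    param(
        # Either a bare store name ("My") or a provider path ("Cert:\CurrentUser\My")
        [Parameter(Mandatory = $true)][string]$Store
    )
    $ns = 'System.Security.Cryptography.X509Certificates'
    $location = [System.Security.Cryptography.X509Certificates.StoreLocation]::CurrentUser
    $name = $Store

    # The X509Store constructor takes a store name, not a Cert: drive path,
    # so split a provider path into its location and name parts first.
    if ($Store -match '^cert:[\\/](CurrentUser|LocalMachine)[\\/]([^\\/]+)$') {
        $location = [System.Security.Cryptography.X509Certificates.StoreLocation]($Matches[1])
        $name = $Matches[2]
    }
    elseif ($Store -match '[\\/]') {
        # Anything else containing a slash would fail later in Open(); reject it here.
        throw (New-Object System.ArgumentException("Not a store name or Cert: path: $Store"))
    }

    # ReadOnly: no write access requested.
    # OpenExistingOnly: Open() throws instead of creating a store that is missing.
    $flags = [System.Security.Cryptography.X509Certificates.OpenFlags]::ReadOnly -bor
             [System.Security.Cryptography.X509Certificates.OpenFlags]::OpenExistingOnly

    $x509 = New-Object "$ns.X509Store" -ArgumentList $name, $location
    $x509.Open($flags)
    return $x509
}

# The provider path from the question now resolves to the CurrentUser\My store.
$s = Open-ExistingCertStore 'Cert:\CurrentUser\My'
"{0} certificate(s) in {1}\{2}" -f $s.Certificates.Count, $s.Location, $s.Name
$s.Close()

# A name with no matching store is reported instead of being created
# (unless a store called "abcdef" was already created by an earlier test).
try {
    $t = Open-ExistingCertStore 'abcdef'
    $t.Close()
    "abcdef: store already exists"
}
catch {
    "abcdef: $($_.Exception.Message)"
}
```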



Source: https://stackoverflow.com/questions/29115106/what-is-the-point-of-the-x509store-constructor-string
