问题
I am trying to generate a list of all self-signed certificates in an environment using Powershell.
I need this section of my script to be directed toward multiple machines(IP addresses), but am unaware of how to do so:
dir cert: -Recurse |
where {$_.subject -ne $null} |
where {$_.subject -eq $_.issuer} |
Export-Csv -NoTypeInformation -Encoding UTF8 -delimiter ';' -path .\ssc_export
Powershell isn't my strong suit, but it's all I have available to me in this environment. Any insight would be greatly appreciated!
回答1:
Assuming WinRM is configured and you have the required permissions this would work:
$computers = Get-Content -Path "R:\computers.txt"
$Results = @()
ForEach ($Computer in $Computers) {
$Results += Invoke-Command -ComputerName $Computer -ScriptBlock {
$storeNames = @();
foreach($store in Get-ChildItem -Path "cert:CurrentUser" `
| Where-Object { $_.Name -ne 'UserDS' } ` # filter UserDS: https://stackoverflow.com/questions/57116536/powershell-fails-when-trying-to-read-certificate-store-with-the-specified-netwo/57278095#57278095
){
$storeNames += "cert:CurrentUser\$($store.Name)";
}
foreach($store in Get-ChildItem -Path "cert:LocalMachine"){
$storeNames += "cert:LocalMachine\$($store.Name)";
}
$storeNames | % { Get-ChildItem -Path $_ } `
| where {$_.subject -ne $null} `
| where {$_.subject -eq $_.issuer} `
| select-object -property `
@{ Name="Computer"; Expression={$env:COMPUTERNAME} }, `
@{ Name="Path"; Expression={$_.PSParentPath} }, `
@{ Name="Subject"; Expression={$_.Subject} }, `
@{ Name="Issuer"; Expression={$_.Issuer} } `
| Format-Table
};
}
$Results
来源:https://stackoverflow.com/questions/58104830/generating-a-list-of-all-self-signed-certs