Use PowerShell to enumerate info from your Certificate Server

To enumerate certificate info from your Certificate Server using PowerShell,
there’s a COM interface you can use to collect it.
This script was based on the VBScript you can find at:

Thanks to Steve Patrick (Spat)  from Microsoft and his excellent blog post for the example!


The script below returns output in a csv file format you can save to file and use to process the info further,

but as always feel free to customize or comment…

Function Get-CertInfo($server) {
$CaView = New-Object -Com CertificateAuthority.View.1
$Index0 = $CAView.GetColumnIndex($False, "CommonName")
$Index1 = $CAView.GetColumnIndex($False, "Email")
$Index2 = $CAView.GetColumnIndex($False, "NotAfter")
$Index3 = $CAView.GetColumnIndex($False, "Country")
$Index4 = $CAView.GetColumnIndex($False, "Organization")
$Index5 = $CAView.GetColumnIndex($False, "OrgUnit")
$Index6 = $CAView.GetColumnIndex($False, "DistinguishedName")
$Index7 = $CAView.GetColumnIndex($False, "Disposition")
$RowObj= $CAView.OpenView()
$Cert= $Cert + $srv + ","
$ColObj = $RowObj.EnumCertViewColumn()
Do {
$Cert = $Cert + $ColObj.GetValue(1) + ","
} Until ($ColObj.Next() -eq -1)
Clear-Variable ColObj
} Until ($Rowobj.Next() -eq -1 )
Return $Cert


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s