powershellcertificatessl-certificatepowershell-2.0certificate-store

How to search for Server Exchange or Server Authentication type certificates installed on host computer using PowerShell?


I'm trying to choose a certificate from the computer certificate store LocalMachine\My that serves for Server Exchange or Authentication (I'm unsure regarding the exact nomenclature) purposes. I know there are filters to return only certificates of a certain type, as such:

    PS> Get-ChildItem Cert:\LocalMachine\My -codesigning

and what I want is to do something like:

    PS> Get-ChildItem Cert:\LocalMachine\My -exchange

Which fails in PowerShell.

If such a filter keyword doesn't exists, can some venture a way to do it, or at least how to go about it?


Solution

  • To get a list of certs with server authentication you can filter by the enhanced key usage properties:

    dir cert:\localmachine\my | ? {
        $_.Extensions | % { 
            $_.EnhancedKeyUsages | ? {
                $_.FriendlyName -eq "Server Authentication"}}}