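function Get-CertificatePropertyHash {
    <#
    .SYNOPSIS
        Fetches a Certificate's Property Hash.

    .DESCRIPTION
        Copies identifying and validity properties of an X509Certificate2 into a
        hashtable and adds two derived flags:

          IsExpired - $true when NotAfter is earlier than the current date.
          IsCurrent - $true when NotBefore is earlier than the current date and
                      the certificate is not expired.

        Both flags only compare the validity window against the local clock.
        They do not build the chain or check revocation, so IsCurrent must not
        be read as "this certificate is trusted".

        When the certificate has a private key, the IdentityReference of every
        entry returned by Get-PrivateKeyPermissions is listed under
        UsersWithPrivateKeyRights, keyed by its position ("0", "1", ...).
        Only the identity is kept; the access type and rights of each entry are
        not, so the list cannot by itself show who is allowed to read the key.
        NOTE(review): Get-PrivateKeyPermissions is defined elsewhere; this
        assumes it returns access rules exposing IdentityReference - confirm.

    .PARAMETER certificate
        The certificate to describe.

    .OUTPUTS
        System.Collections.Hashtable. UsersWithPrivateKeyRights is $null when
        the certificate has no private key.
    #>
    [CmdletBinding()]
    [OutputType([System.Collections.Hashtable])]
    param(
        [Parameter(Mandatory = $true)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$certificate
    )

    $logLead = (Get-LogLeadName);
    $currentDate = (Get-Date);

    # Expired means the end of the validity window is in the past. The earlier
    # comparison used -gt, which reported valid certificates as expired and
    # expired ones as current.
    $certIsExpired = ($certificate.NotAfter -lt $currentDate)

    # Initialised up front so the return value is well defined (and StrictMode
    # safe) for certificates without a private key.
    $usersWithPerms = $null
    if ($certificate.HasPrivateKey) {

        Write-Verbose "$logLead : Searching for Private Key Details for Certificate $($certificate.Thumbprint)"
        $ACLs = (Get-PrivateKeyPermissions $certificate)

        # @() keeps a single result as a one-element array, so Count and
        # indexing below behave the same for one entry as for many.
        $usersWithPermsArray = @($ACLs | Select-Object -ExpandProperty IdentityReference)

        $usersWithPerms = New-Object System.Collections.Specialized.OrderedDictionary

        for ($i = 0; $i -lt $usersWithPermsArray.Count; $i++) {
            $usersWithPerms.Add($i.ToString(), $usersWithPermsArray[$i])
        }
    }

    return @{
        SubjectName               = $certificate.SubjectName.Name;
        DnsNameList               = $certificate.DnsNameList.Unicode;
        Subject                   = $certificate.Subject;
        Issuer                    = $certificate.Issuer;
        FriendlyName              = $certificate.FriendlyName;
        HasPrivateKey             = $certificate.HasPrivateKey;
        NotBefore                 = $certificate.NotBefore;
        NotAfter                  = $certificate.NotAfter;
        SerialNumber              = $certificate.SerialNumber;
        Thumbprint                = $certificate.Thumbprint;
        IsExpired                 = $certIsExpired;
        IsCurrent                 = ($certificate.NotBefore -lt $currentDate -and !$certIsExpired );
        UsersWithPrivateKeyRights = $usersWithPerms;
    }
}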