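function Export-CertChain {
    <#
    .SYNOPSIS
        Exports a Certificate's Chain.
    .DESCRIPTION
        Iterates over the certificates returned by Get-CertificateChain for
        $Cert and exports each one to
        "<ExportCertPath>\ChainedCertificates\<store name>" through
        Export-CertificateToFileSystem.

        Processing stops at the first chain certificate for which
        Get-CertificateStoreName returns nothing, or whose export returns
        $null. In both cases a warning is written and the entries collected
        so far are returned, so the result may cover only part of the chain.
    .PARAMETER Cert
        The certificate whose chain is exported.
    .PARAMETER ExportStorePath
        Passed as the second argument to Get-CertificateChain.
    .PARAMETER ExportCertPath
        Backslash-separated export path of the certificate. Its last segment
        is used as the certificate name in warnings, and the chain is written
        below its "ChainedCertificates" sub-folder.
    .PARAMETER ADGroups
        Passed through unchanged to Export-CertificateToFileSystem.
        NOTE(review): presumably the groups granted access to the exported
        files - confirm against Export-CertificateToFileSystem.
    .OUTPUTS
        The objects returned by Export-CertificateToFileSystem, in the order
        the chain was enumerated. PowerShell enumerates the list on output,
        so nothing is emitted when no certificate was exported.
    #>
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $True)]
        [ValidateNotNull()]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert,

        [Parameter(Mandatory = $True)]
        [string]$ExportStorePath,

        [Parameter(Mandatory = $True)]
        [string]$ExportCertPath,

        $ADGroups
    )

    # Last path segment; used only to identify the certificate in warnings.
    $certName = $exportCertPath.Split("\") | Select-Object -Last 1
    $chain = Get-CertificateChain $cert $exportStorePath
    $chainInfo = [System.Collections.ArrayList]::new()

    foreach ($chainCert in $chain) {
        $chainCertStore = Get-CertificateStoreName $chainCert
        if (!$chainCertStore) {
            # No store name for this certificate: stop here instead of
            # exporting the rest of the chain.
            Write-Warning "Chain is broken for cert $certName and thumbprint $($chainCert.thumbprint)"
            break
        }

        $exportChainPath = $exportCertPath, "ChainedCertificates", $chainCertStore -join "\"

        $exportInfo = Export-CertificateToFileSystem $chainCert $exportChainPath -IsChainExport $true -ADGroups $ADGroups
        if ($null -eq $exportInfo) {
            # Previously this exit was silent. A truncated chain export looks
            # the same as a complete one to the caller, so make it visible.
            Write-Warning "Chain export is incomplete for cert $certName`: export returned nothing for thumbprint $($chainCert.thumbprint)"
            break
        }

        [void]$chainInfo.Add($exportInfo)
    }

    return $chainInfo
}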