0

I am using the following command in PowerShell which works fine and good:

certreq -accept -machine "c:\my_csr_response.crt"

This command processes a CA response to a SSL CSR.

My question is how do I get the thumbnail of the newly created certificate generated by this command?

Reed R.C. Hastings
  • 13
  • 2
  • Try this `Get-ChildItem Cert:\LocalMachine\ -Recurse | Where NotBefore -gt (Get-Date).AddDays(-1)` This assumes the new cert creation set the NotBefore time to the current time when it was created. – Keith Hill Aug 04 '15 at 17:35
  • Thanks @KeithHill! Unfortunately, I am hoping to get the thumbnail at creation time. If two CSRs are generated on the same day and then both requests completed on same day, it creates two certificates so I am trying to get the thumbnail for the most recently created certificate for that CN. After this command, another will run to export the certificate. Perhaps I should just delete existing certificates with the same CN created on the same day before completing the new request. – Reed R.C. Hastings Aug 04 '15 at 17:52

1 Answers1

1

Create an X509Certificate2 object from the file and grab the thumbprint from there.

$CertPath = "C:\my_csr_response.crt"
$Cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::CreateFromCertFile($CertPath)
$Thumbprint = $Cert.GetCertHashString()

Find it in the cert store with:

Get-ChildItem cert:\ -Recurse |Where-Object {$_.Thumbprint -eq $Thumbprint}
Mathias R. Jessen
  • 157,619
  • 12
  • 148
  • 206