Posts on this page:
I’m glad to announce another version of PowerShell PKI module release.
This release includes major internal code changes with new functionality.
At first, I completely separated Abstract Syntax Notation (ASN.1) code from main library to a dedicated DLL:
SysadminsLV.Asn1Parser.dll. As I mentioned in one of previous posts, PKI.Core.dll and ASN parser are opensourced on GitHub: pkix.net and Asn1DerParser.NET.
Some time ago I wrote a script that converts PEM file to CryptoAPI compatible format: How to convert PEM file to a CryptoAPI compatible format. The script involves some non-PowerShell commands (certutil) which associates private key with a certificate instance. I received several feedback comments about avoiding certutil in favor of native PowerShell/.NET managed code. In this post I want to show some code that eliminates certutil from the script.
Just to recall what we generally do when converting PEM to X509Certificate2/PFX:
It was a long-waited decision, however, finally I did it. Today I released my two major .NET projects to GitHub:
This is my own ASN.1 binary parser. ASN.1 parser/reader is a mandatory component when you are dealing with cryptography and cryptographic messages, because all they use ASN.1. I’m using this library in ASN.1 Editor and PowerShell PKI module’s API library (it is now opensourced as well).
Hello S-1-1-0, it’s time for another blog post. Another PowerShell and CryptoAPI blog post.
Recently I had a trivial (or non-trivial?) challenge: read multiple signatures from signed files. Usually files have only one signature:
I think, I have to publish several articles that would cover common PKI/ADCS administration tasks with PowerShell by using my PowerShell PKI module (of course!). Today I'll cover very simple, but very common task: managing pending certificate requests.
In this post we would propose the following scenario:
Just to make it clear, CA manager approval is configured in the certificate template, as follows:
you, as CA manager, received notification about incoming certificate request. Your task is to review the certificate request to ensure that it is properly constructed and conforms internal security policies and then make decision: approve or deny certificate request. You can do this by using Certification Authority MMC snap-in, but this would require a lot of clicks and without having a chance to automate this. Another solution that includes PowerShell offers you great automation capabilites.