
Untitled

a guest
Aug 24th, 2016
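  function Get-Cert {
  <#
  .SYNOPSIS
  Lists X509 certificates from certificate stores (and optionally from folders of
  certificate files) and adds convenience properties to every result.

  .DESCRIPTION
  Searches cert:\CurrentUser\My and cert:\LocalMachine\My unless
  -certDirectoryOverride is given. Each returned object gains these properties:
  Expiration, SubjectAlternateNames (plus several aliases), Path and FileName.

  Every string filter is applied with the -match operator, so it is a
  case-insensitive regular expression, not a literal string. Wrap a value in
  [regex]::Escape() when it must match literally (for example a subject that
  contains '.' or '(').

  Certificates loaded through -localFolders are only parsed. This function does
  not build a chain or check revocation, so a listed certificate is not thereby
  trusted.

  .PARAMETER filter
  Regular expression matched against Thumbprint, Subject, SerialNumber and
  SubjectAlternateNames; a certificate is kept when any of them matches.

  .PARAMETER thumbprint
  Regular expression matched against the thumbprint.

  .PARAMETER subject
  Regular expression matched against the subject.

  .PARAMETER altName
  Regular expression matched against the subject alternative names.

  .PARAMETER serialNumber
  Regular expression matched against the serial number.

  .PARAMETER expiration
  Switch. Returns a formatted table sorted by expiration instead of certificate
  objects. Equivalent to
  'lscert | sort expiration | ft expiration,thumbprint,subject'.
  The output is formatting data, so do not pipe it into further filtering.

  .PARAMETER privateKey
  Switch. Keeps only certificates that report an associated private key.

  .PARAMETER certDirectoryOverride
  Certificate store paths to search instead of the two default stores.

  .PARAMETER localFolders
  Folders that are searched recursively for files whose name ends in 'cer';
  each file is loaded as a certificate and added to the results.

  .EXAMPLE
  Find a cert matching a generic filter

  Get-Cert microsoft

  .EXAMPLE
  Find all installed certs and all certs in a directory matching the filter and
  then output their path

  Get-Cert contoso -localFolders C:\my\local\certs\ | ft path

  .EXAMPLE
  Find a cert matching a specific thumbprint

  Get-Cert -thumbprint 1342

  .EXAMPLE
  Get all certs with private keys

  Get-Cert -privateKey
  #>

    param (
      [string]$filter,
      [string]$thumbprint,
      [string]$subject,
      [string]$altName,
      [string]$serialNumber,
      [switch]$expiration,
      [switch]$privateKey,
      [string[]]$certDirectoryOverride,
      [string[]]$localFolders
    )

    # Default stores: personal certificates of the current user and of the machine.
    $certDirectories = "cert:\CurrentUser\My", "cert:\LocalMachine\My"

    # An empty or missing override falls back to the defaults.
    $certStores = $certDirectories
    if ($certDirectoryOverride) {
      $certStores = $certDirectoryOverride
    }

    # Collect everything the selected stores contain.
    $items = @(
      foreach ($store in $certStores) {
        Get-ChildItem -Path $store
      }
    )

    if ($localFolders) {
      foreach ($folder in $localFolders) {
        # Directories whose name happens to end in 'cer' are not certificate files.
        $localCertPaths = Get-ChildItem -Path $folder -Include *cer -Recurse |
          Where-Object { -not $_.PSIsContainer }

        foreach ($certPath in $localCertPaths) {
          try {
            # Pass the full path explicitly: relying on the FileInfo-to-string
            # conversion can yield a bare file name that resolves against the
            # current directory instead of the searched folder.
            $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $certPath.FullName
          }
          catch {
            # A malformed file must not abort the listing, and must not cause the
            # previously loaded certificate to be reported again under this path.
            Write-Warning "Skipping '$($certPath.FullName)': $($_.Exception.Message)"
            continue
          }

          # Store certificates get these from the provider; file certificates do not.
          Add-Member -InputObject $cert -MemberType NoteProperty -Name PSParentPath -Value $certPath.DirectoryName -ErrorAction SilentlyContinue
          Add-Member -InputObject $cert -MemberType NoteProperty -Name Path -Value $certPath.FullName
          Add-Member -InputObject $cert -MemberType NoteProperty -Name FileName -Value $certPath.Name

          $items += $cert
        }
      }
    }

    # Decorate every result. SilentlyContinue keeps members that already exist
    # (for example Path/FileName on file certificates) from raising errors.
    foreach ($item in $items) {
      # NotAfter is already a DateTime; parsing GetExpirationDateString() depends
      # on the current culture's date format.
      Add-Member -InputObject $item -MemberType ScriptProperty -Name Expiration -Value { $this.NotAfter } -ErrorAction SilentlyContinue
      Add-Member -InputObject $item -MemberType AliasProperty -Name Path -Value PSPath -ErrorAction SilentlyContinue
      Add-Member -InputObject $item -MemberType AliasProperty -Name FileName -Value PSPath -ErrorAction SilentlyContinue

      Add-Member -InputObject $item -MemberType ScriptProperty -Name SubjectAlternateNames -ErrorAction SilentlyContinue -Value {
        # 2.5.29.17 is the subjectAltName OID; the friendly name is localized.
        $san = $this.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' } | Select-Object -First 1
        if ($null -eq $san) {
          # No SAN extension: report nothing instead of calling Format() on null.
          return $null
        }
        return $san.Format($true).Replace("`r`n", ", ").Replace("DNS Name=", "")
      }
      foreach ($aliasName in 'AlternateNames', 'AlternativeNames', 'SubjectAlternativeNames', 'SubjectAltNames', 'AltNames') {
        Add-Member -InputObject $item -MemberType AliasProperty -Name $aliasName -Value SubjectAlternateNames -ErrorAction SilentlyContinue
      }
    }

    # [string] parameters are never $null (they default to ''), so test for a
    # non-empty value; an empty pattern would match every certificate anyway.
    if ($filter) {
      $items = $items | Where-Object {
        ($_.Thumbprint -match $filter) -or
        ($_.Subject -match $filter) -or
        ($_.SerialNumber -match $filter) -or
        ($_.SubjectAlternateNames -match $filter)
      }
    }
    if ($thumbprint) {
      $items = $items | Where-Object { $_.Thumbprint -match $thumbprint }
    }
    if ($subject) {
      $items = $items | Where-Object { $_.Subject -match $subject }
    }
    if ($altName) {
      $items = $items | Where-Object { $_.SubjectAlternateNames -match $altName }
    }
    if ($serialNumber) {
      $items = $items | Where-Object { $_.SerialNumber -match $serialNumber }
    }
    if ($privateKey) {
      # HasPrivateKey only reports that a key is associated. Reading .PrivateKey
      # opens the key itself, which can fail or prompt, and is not needed to list.
      $items = $items | Where-Object { $_.HasPrivateKey }
    }

    if ($expiration) {
      return $items | Sort-Object Expiration | Format-Table Expiration, Thumbprint, Subject
    }

    return $items
  }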
  162.  
  # Short names for Get-Cert. SilentlyContinue hides the error raised when the
  # alias already exists, e.g. when this file is loaded a second time.
  foreach ($shortName in 'lscert', 'dircert') {
    New-Alias -Name $shortName -Value Get-Cert -ErrorAction SilentlyContinue
  }