It is possible to get a list of all the certificates using powershell to get all the signature algorithm?

2022-09-19T16:39:50.807+00:00

Hello

I am trying to resolve this issue
CVE-2004-2761 SSL Certificate Signed Using Weak Hashing Algorithm

Based on this article
https://social.technet.microsoft.com/Forums/en-US/55cd6302-b9ef-47fd-a6aa-b17132d464a9/ssl-certificate-signed-using-weak-hashing-algorithm?forum=winserversecurity

I would like to know if it is possible to get a list of all installed certificates with their signature algorithm using PowerShell. Obtaining this information would make it easy to identify which one should be modified.
Cheers
carlos quintana

Windows for business | Windows Client for IT Pros | Devices and deployment | Configure application groups
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Carlos Giovanny Quintana Corredor 1 Reputation point
    2022-09-19T17:20:30.837+00:00
    0 comments No comments

  2. Limitless Technology 44,776 Reputation points
    2022-09-21T15:22:25.46+00:00

    Hello,

    You can use the next:

    SL Cert:\LocalMachine\TrustedPublisher // You may change this path, for other certificate store location of your interest
    $Cert = GCI | where{$_.Thumbprint -eq "CERTIFICATE THUMBPRINT HERE"}
    $Cert.SignatureAlgorithm.friendlyname
    $Cert.publickey.key.keysize

    -------------------------------------------------------------------------------------------------------------------

    --If the reply is helpful, please Upvote and Accept as answer--

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.