Share via

Help with detection method using PS or VB

Roy, Ashley 21 Reputation points
2021-05-10T16:17:29.33+00:00

I am struggling with coming up with the correct detection method for one of my applications. I have an application that calls a PowerShell script that will renew a machine certificate in the Personal store which contains a new Key Usage setting. I am looking for something that queries the certificate's key usage and if it is set to Key Encipherment, then do nothing. I only want it to run if it isn't set to Key Enchiperment. I figured I could use a VB or a PS script.

Scripting is not my strong suit, unfortunately. I am still learning it. I think I can use the code below to query it, but I don't know how to write it to an if statement or something that will say, "if it is set to Key Encipherment, do nothing."

((Get-ChildItem -Path Cert:\LocalMachine\My\ | select -First 1).Extensions | Where-Object { $_.Oid.FriendlyName -eq "Key Usage" }).format($true)

Any help would be greatly appreciated.

Windows for business | Windows Server | User experience | PowerShell
0 comments

Answer accepted by question author

Anonymous
2021-05-11T02:00:15.537+00:00

Hi,

You can try something like this 

Get-ChildItem -Path Cert:\LocalMachine\My | ForEach-Object {  
    if($_.Extensions.KeyUsages -notmatch "KeyEncipherment"){  
    #do something  
    }  
    else{  
    #do nothing  
    }      
}

Best Regards,
Ian Xue

============================================

If the Answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Was this answer helpful?

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.