1
00:00:01,340 --> 00:00:05,040
Now, with the certificate provider, you cannot do much,

2
00:00:05,040 --> 00:00:10,700
as we have a dedicated PKI module to work with certificates; however,

3
00:00:10,700 --> 00:00:15,240
there are still some tasks that you can perform using general commands.

4
00:00:15,240 --> 00:00:18,750
You can list certificate stores and certificates using

5
00:00:18,750 --> 00:00:24,840
Get‑Item and Get‑ChildItem commands, and remove them using Remove‑Item command.

6
00:00:24,840 --> 00:00:27,470
We will now quickly switch to our demo environment.

7
00:00:27,470 --> 00:00:32,840
In this demo, we will list certificates from a certificate store.

8
00:00:32,840 --> 00:00:37,440
Next, we will delete certificates using Remove‑Item command.

9
00:00:37,440 --> 00:00:41,340
We will start by having a look into certificate snap‑in.

10
00:00:41,340 --> 00:00:43,590
This is the user certificate snap‑in.

11
00:00:43,590 --> 00:00:48,940
In here, we can see different certificate stores that have certificates in them.

12
00:00:48,940 --> 00:00:53,540
This is the user's personal store that has one certificate in it.

13
00:00:53,540 --> 00:00:55,990
When I click on Trusted Root CA store,

14
00:00:55,990 --> 00:00:59,240
we can see all the trusted root CA certificates.

15
00:00:59,240 --> 00:01:02,120
We will now switch to PowerShell and see how we can

16
00:01:02,120 --> 00:01:04,840
navigate into these certificate stores.

17
00:01:04,840 --> 00:01:10,640
I'll enter Set‑Location command, and mention cert PS drive.

18
00:01:10,640 --> 00:01:13,240
I'll run Get‑Item * command,

19
00:01:13,240 --> 00:01:17,040
and we can see that there are two certificate store locations,

20
00:01:17,040 --> 00:01:20,270
CurrentUser stores user certificates,

21
00:01:20,270 --> 00:01:23,840
and LocalMachine stores system certificates.

22
00:01:23,840 --> 00:01:27,940
I will navigate into CurrentUser certificate store,

23
00:01:27,940 --> 00:01:30,680
and again run Get‑Item * command.

24
00:01:30,680 --> 00:01:31,080
Here,

25
00:01:31,080 --> 00:01:34,710
we can see a list of all certificate stores that we saw a

26
00:01:34,710 --> 00:01:38,130
moment ago from certificate snap‑in.

27
00:01:38,130 --> 00:01:43,040
The My certificate store in PowerShell refers to the user's personal store,

28
00:01:43,040 --> 00:01:46,330
and Root certificate store in PowerShell refers to the

29
00:01:46,330 --> 00:01:49,430
trusted root certification authority store.

30
00:01:49,430 --> 00:01:53,640
I'll retrieve all root certificates using Get‑ChildItem command,

31
00:01:53,640 --> 00:01:56,540
and mention Root certificate store.

32
00:01:56,540 --> 00:01:59,650
If I want to retrieve only a specific certificate,

33
00:01:59,650 --> 00:02:02,330
I can do so by entering its thumbprint.

34
00:02:02,330 --> 00:02:06,540
And just to see what all properties we have for a certificate,

35
00:02:06,540 --> 00:02:09,740
I'll pipe this command to select *.

36
00:02:09,740 --> 00:02:11,650
Here we can see a number of properties,

37
00:02:11,650 --> 00:02:16,240
which we can use as criteria to filter our search results.

38
00:02:16,240 --> 00:02:20,940
If I want to fetch a list of all certificates that will expire in 30 days,

39
00:02:20,940 --> 00:02:24,750
I can do so by mentioning ExpiringInDays parameter,

40
00:02:24,750 --> 00:02:27,040
and set it to 30 days.

41
00:02:27,040 --> 00:02:30,670
I'll then add Recurse parameter so that the search will

42
00:02:30,670 --> 00:02:34,040
be performed on all child containers.

43
00:02:34,040 --> 00:02:37,880
Next, I'll select a few of its properties like thumbprint,

44
00:02:37,880 --> 00:02:40,640
subject, and ExpiryDate,

45
00:02:40,640 --> 00:02:45,840
and display the result in list format using Format‑List command.

46
00:02:45,840 --> 00:02:51,050
This will also list certificates that are already expired.

47
00:02:51,050 --> 00:02:56,240
If you remember in the first module, we talked about CodeSigningCert parameter.

48
00:02:56,240 --> 00:03:00,360
We can use it to review certificates that have CodeSigning authority,

49
00:03:00,360 --> 00:03:05,010
but as of now, I don't have any CodeSigningCertificates in my system,

50
00:03:05,010 --> 00:03:07,640
so the result will be blank.

51
00:03:07,640 --> 00:03:11,940
To remove a certificate, I'll simply use Remove‑Item command,

52
00:03:11,940 --> 00:03:15,240
followed by a complete path of the certificate.

53
00:03:15,240 --> 00:03:18,480
I'll use any of the expired certificates for this demo,

54
00:03:18,480 --> 00:03:20,640
and enter its thumbprint.

55
00:03:20,640 --> 00:03:24,140
When I run the command, the certificate will be removed.

56
00:03:24,140 --> 00:03:28,140
We will cross verify this by again running the previous command,

57
00:03:28,140 --> 00:03:34,000
and now we can see that the certificate, which we removed, is not showing up here.

