How can I pull the thumbprint out of a SSL certificate FILE (not the windows cert store)?

5,133

Solution 1

You can use the constructor of the .NET Framework class X509Certificate2 that just takes a file name:

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 'C:\path\to\mycert.cer'
$thumbprint = $cert.Thumbprint

The $cert object here is of the exact same type as the objects you get from the Cert:\ drive, so all other methods and properties are available. You can also load information from a variety of different certificate formats.

Solution 2

USe this command on powershell.

Get-PfxCertificate -Filepath "PATH OF THE FILE STORED" -Password ($pwd = ConvertTo-SecureString -String "PASSWORD" -Force -AsPlainText)

Solution 3

The following command worked like a charm

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 'C:\path\to\mycert.cer'
$thumbprint = $cert.Thumbprint

Question: Any idea if possible to use .\mycert.cer for the file path, instead of the exact long path?

In this script

$certPath = 'C:\DirSync\cert.cer'
$certPath
$cert = New-Object -TypeName System.Security.Cryptography.X509Certificates.X509Certificate2($certPath)
$keyValue = [System.Convert]::ToBase64String($cert.GetRawCertData())
$base64Thumbprint = [System.Convert]::ToBase64String($cert.GetCertHash())
$base64Thumbprint
Share:
5,133

Related videos on Youtube

Dominic Brunetti
Author by

Dominic Brunetti

Updated on September 18, 2022

Comments

  • Dominic Brunetti
    Dominic Brunetti over 1 year

    I understand how to get the thumbprint of a certificate that's installed to a certificate store, however I'm hoping there is a way to get that information for a certificate FILE.

    So for example I'd have c:\temp\mycert.com.cer... how would I get the thumbprint from that file? Is it even possible? Google isn't being very helpful. I've been doing this in powershell as such to get this from the certificate store, but again - I need to get this info from a certificate FILE.

    $certCN = mysite.com
    $cert = Get-ChildItem cert:\LocalMachine\My -Recurse | where {$_.subject -like "*CN=$certCN*"} | where {$_.ExpiringInDays -lt "91"}
    $thumbprint = $cert.thumbprint
    
  • janv8000
    janv8000 almost 3 years
    Path.GetFullPath Method (System.IO) | Microsoft Docs => to get the absolute path form a relative one