New Post: PowerShell 5.0

September 11, 2016, 12:17 pm

≫ Next: Commented Unassigned: Return thumbprint from New-SelfSignedCertificateEx [100]

≪ Previous: Commented Unassigned: Return thumbprint from New-SelfSignedCertificateEx [100]

Two questions:

did you install server component of the module?
did you import the module?

PSPKI works on PowerShell 3.0 and newer. PowerShell 5.0 is supported.

↧

Commented Unassigned: Return thumbprint from New-SelfSignedCertificateEx [100]

September 12, 2016, 9:06 am

≫ Next: New Post: Error Funcion Get-Certification Authority

≪ Previous: New Post: PowerShell 5.0

It would be great if New-SelfSignedCertificateEx could return a unique/identifying value such as thumbprint. Currently you have to use Get-ChildItem to query for the newly created certificate, which may return multiple items if there are one/more certificates in a given store with the same -DnsName value.
Comments: Awesome! Thanks so much for the quick response on this!

↧

New Post: Error Funcion Get-Certification Authority

September 21, 2016, 9:18 am

≫ Next: New Post: Error Funcion Get-Certification Authority

≪ Previous: Commented Unassigned: Return thumbprint from New-SelfSignedCertificateEx [100]

After installing the module 3.2.6 PKI PS in server mode in an environment of certification , the Get- certificationAuthority function is not enabled. Thank help us to know if a policy , configuration or other item that can block this function

↧

New Post: Error Funcion Get-Certification Authority

September 21, 2016, 10:38 am

≫ Next: New Post: Error Funcion Get-Certification Authority

≪ Previous: New Post: Error Funcion Get-Certification Authority

What error message do you see?

↧

New Post: Error Funcion Get-Certification Authority

September 21, 2016, 6:53 pm

≫ Next: New Post: Error Funcion Get-Certification Authority

≪ Previous: New Post: Error Funcion Get-Certification Authority

specifically I need two IssuedRequest and Get- certificationAuthority functions when writing IssuedRequest function parameters asks me , but when I write the Get- certificationAuthority function is active does not appear as if it had not mattered that function command.

↧

New Post: Error Funcion Get-Certification Authority

September 26, 2016, 7:39 am

≫ Next: New Post: Error Funcion Get-Certification Authority

≪ Previous: New Post: Error Funcion Get-Certification Authority

Thank you help us guide us to know if it is a policy that is blocking the function Get-certificationAuthority. Thank you.

↧

New Post: Error Funcion Get-Certification Authority

September 26, 2016, 9:05 am

≫ Next: New Post: Error Funcion Get-Certification Authority

≪ Previous: New Post: Error Funcion Get-Certification Authority

Can you be more specific? I still didn't get what is your problem.

↧

New Post: Error Funcion Get-Certification Authority

September 26, 2016, 10:20 am

≫ Next: New Post: Error Funcion Get-Certification Authority

≪ Previous: New Post: Error Funcion Get-Certification Authority

In an environment with Active Directory module installation was performed PSPKI. many functions are enabled but the Get-certificationAuthority function is not active.

The error that I have at the moment is the following:

PS C:\Windows\system32> Get-CertificationAuthority
Get-CertificationAuthority : The term 'Get-CertificationAuthority' is not recognized as the name of a cmdlet,
function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the
path is correct and try again.
At line:1 char:1
Get-CertificationAuthority
~~~~~~~~~~~~~~~~~~~~~~~~~~
CategoryInfo : ObjectNotFound: (Get-CertificationAuthority:String) [], CommandNotFoundException
FullyQualifiedErrorId : CommandNotFoundException

↧

New Post: Error Funcion Get-Certification Authority

September 28, 2016, 2:00 pm

≫ Next: New Post: Error Funcion Get-Certification Authority

≪ Previous: New Post: Error Funcion Get-Certification Authority

I appreciate your help with the case mentioned

↧

New Post: Error Funcion Get-Certification Authority

October 10, 2016, 12:46 pm

≫ Next: New Post: Error Funcion Get-Certification Authority

≪ Previous: New Post: Error Funcion Get-Certification Authority

Good evening
The function is already active, but when the Get-certificationAuthority command runs the error is generated:
Exception calling

↧

New Post: Error Funcion Get-Certification Authority

October 17, 2016, 12:26 pm

≫ Next: Created Unassigned: Issues with Set-CertificateExtension [101]

≪ Previous: New Post: Error Funcion Get-Certification Authority

Sorry for delayed response.

Can you show the output of the following command: Get-Command -Module PSPKI

↧

Created Unassigned: Issues with Set-CertificateExtension [101]

October 19, 2016, 12:44 pm

≫ Next: Commented Unassigned: Issues with Set-CertificateExtension [101]

≪ Previous: New Post: Error Funcion Get-Certification Authority

Hi,

I'm working with PSPKI v3.2.6.

When using Set-CertificateExtensions, I have some issues :

* With the "-Remove" switch, powershell complains about an unavailable type ([PKI.ASN.ASN1])
For example (output is in French) :

PS C:\Tests> Get-PendingRequest -CertificationAuthority $mdpIGCobj -RequestID 485 | Set-CertificateExtension -Extension "2.5.29.17" -Remove
Type [PKI.ASN.ASN1] introuvable. Assurez-vous que l'assembly qui contient ce type est chargé.
Au caractère ...\Documents\WindowsPowerShell\Modules\PSPKI\Server\Set-CertificateExtension.ps1:53 : 7
+ [void][PKI.ASN.ASN1]::EncodeObjectIdentifier($ext)
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation : (PKI.ASN.ASN1:TypeName) [], RuntimeException
+ FullyQualifiedErrorId : TypeNotFound

It seems that the call to [void][PKI.ASN.ASN1]::EncodeObjectIdentifier should be replaced by a call to [void][SysadminsLV.Asn1Parser.Asn1Utils]::EncodeObjectIdentifier on line 53.

* When trying to run the Example 1 in the Set-CertificateExtension page, Powershell complains about the use of an available operator (op_modulus) on a [System.Byte[]] type.
For example (output also in French) :

PS C:\Tests> Get-PendingRequest -CertificationAuthority $mdpIGCobj -RequestID 485 | Set-CertificateExtension -Extension $SAN
Échec lors de l'appel de la méthode, car [System.Byte[]] ne contient pas de méthode nommée « op_Modulus ».
Au caractère ...\Documents\WindowsPowerShell\Modules\PSPKI\Server\Set-CertificateExtension.ps1:36 : 27
+ [Byte[]]$bytes = if ($ext.RawData % 2) {$ext.RawData + 0} else {$ext.RawDat ...
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation : (op_Modulus:String) [], RuntimeException
+ FullyQualifiedErrorId : MethodNotFound

It seems that the length property has been omitted when calling $ext.RawData on lines 20 and 36.

Thanks by advance for your help.

Best regards.

Thierry

↧

Commented Unassigned: Issues with Set-CertificateExtension [101]

October 19, 2016, 1:13 pm

≫ Next: Commented Unassigned: Issues with Set-CertificateExtension [101]

≪ Previous: Created Unassigned: Issues with Set-CertificateExtension [101]

↧

Commented Unassigned: Issues with Set-CertificateExtension [101]

October 19, 2016, 11:44 pm

≫ Next: New Post: Compatible frameworks

≪ Previous: Commented Unassigned: Issues with Set-CertificateExtension [101]

↧

New Post: Compatible frameworks

October 20, 2016, 11:43 pm

≫ Next: New Post: Compatible frameworks

≪ Previous: Commented Unassigned: Issues with Set-CertificateExtension [101]

I use module 3.2.6.

Which frameworks are compatible with 3.2.6.

I can see Module Requirements (framework 4.0) but I have to uninstall it from my server. I will install framework 4.6.2.

Can I use the module with framework 4.6.2?

Thanks

↧

New Post: Compatible frameworks

October 21, 2016, 1:01 am

≫ Next: New Post: Compatible frameworks

≪ Previous: New Post: Compatible frameworks

.NET 4.0 is the minimum supported version, this means that any newer framework version is supported.

↧

New Post: Compatible frameworks

October 21, 2016, 1:11 am

≫ Next: New Post: Least privileged user

≪ Previous: New Post: Compatible frameworks

Thanks :)

↧

New Post: Least privileged user

October 25, 2016, 2:20 am

≫ Next: New Post: Least privileged user

≪ Previous: New Post: Compatible frameworks

Hi,

I'm using PSPKI v3.2.6
I'm trying to retrieve the issued certificates remotely. When I'm doing this with a regular AD user I get this error:

Get-IssuedRequest : Exception calling "GetSchema" with "0" argument(s): "Specified Certification Authority 'XXXXXXXXXX' is unavailable."
At C:\scripts\CertScript.ps1:10 char:76

$certarray = Get-CertificationAuthority -ComputerName XXXXXXXXXX | Get-I ...
~~~~~
- CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException
- FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Get-IssuedRequest

The powershell command in question is the following:
Get-CertificationAuthority -ComputerName <CA FQDN> | Get-IssuedRequest -Property UPN,CertificateTemplate

If I'm local admin on the CA machine, this works remotely without problems.
The question is: What are the minimum permissions I should give to my user to make this work?

Thank you,
Zoltan

↧

New Post: Least privileged user

October 25, 2016, 12:00 pm

≫ Next: New Post: Least privileged user

≪ Previous: New Post: Least privileged user

You must be granted CA Manger permissions on CA server.

↧

New Post: Least privileged user

October 26, 2016, 6:03 am

≫ Next: Created Unassigned: Bad example for Set-CertificateTemplate [102]

≪ Previous: New Post: Least privileged user

Thank you, it works.

↧