Archive for November 6th, 2009

New enterprise PKI management console

Certificate management used to be tough. There have not been a single tool to manage all the aspects of it and administrators had to launch all these certsrv.msc, certtmpl.msc, certutil.exe, ocsp.msc, pkiview.msc, and so on. We had no bulk operations, had to manage each certificate authority (CA) in a separate MMC snapin, and so on.

That is now all a thing in the past with the new PowerGUI/PowerShell-based certificate management admin console created by PowerShell MVP Vadims Podāns (here’s English translation of his blog) and shared for free here.

Here’s a very quick summary of some of the features his tool has:

  • Certificate Authorities management:
    • CRL Distribution Points (CDP)
    • Authority Information Access (AIA) settings
    • Review CRLs
    • Publish new CRLs
    • Change CRL publishing periods including overlap settings
    • Revoked Certificates
    • Issued Certificates
    • Pending requests
    • Failed requests
    • Issued certificate templates
    • Revoke/unrevoke certificates
    • Issue or deny pending requests for certificates
    • Add/remove certificate templates to issue
    • Change CRL/CRT/OCSP URL priorities
  • Local certificate store management:
    • Import/Export certificates using various certificate types (such CER/pkcs12/pkcs7/SST)
    • Copy/move certificates between stores
    • Delete certificate from store
    • Validate certificates passing them through certificate chaining engine
    • Sign files
  • Online Certificate Status Protocol (OCSP) Responders management
    • Review and change OCSP Responder settings
    • Change OCSP URL priorities

All of these support bulk operations, filtering, and reporting. All are available with their source PowerShell code for your reference and scripting.

Could you ask for more? Please submit your feedback to Vadims – this will help him improve the pack.

Read more about the pack, see the screenshots, and download the tool here.

Are you also into PowerShell and have a great idea of a tool to make someone’s life easier – go for it – create your PowerPack and submit it to the contest!

Tags: , , , , , ,


My Recent Tweets

Legal

The posts on this blog are provided “as is” with no warranties and confer no rights. The opinions expressed on this site are mine and mine alone, and do not necessarily represent those of my employer - WSO2 or anyone else for that matter. All trademarks acknowledged.

© 2007-2014 Dmitry Sotnikov

November 2009
M T W T F S S
 1
2345678
9101112131415
16171819202122
23242526272829
30  

%d bloggers like this: