Certificate management used to be tough. There have not been a single tool to manage all the aspects of it and administrators had to launch all these certsrv.msc, certtmpl.msc, certutil.exe, ocsp.msc, pkiview.msc, and so on. We had no bulk operations, had to manage each certificate authority (CA) in a separate MMC snapin, and so on.
That is now all a thing in the past with the new PowerGUI/PowerShell-based certificate management admin console created by PowerShell MVP Vadims Podāns (here’s English translation of his blog) and shared for free here.
Here’s a very quick summary of some of the features his tool has:
- Certificate Authorities management:
- CRL Distribution Points (CDP)
- Authority Information Access (AIA) settings
- Review CRLs
- Publish new CRLs
- Change CRL publishing periods including overlap settings
- Revoked Certificates
- Issued Certificates
- Pending requests
- Failed requests
- Issued certificate templates
- Revoke/unrevoke certificates
- Issue or deny pending requests for certificates
- Add/remove certificate templates to issue
- Change CRL/CRT/OCSP URL priorities
- Local certificate store management:
- Import/Export certificates using various certificate types (such CER/pkcs12/pkcs7/SST)
- Copy/move certificates between stores
- Delete certificate from store
- Validate certificates passing them through certificate chaining engine
- Sign files
- Online Certificate Status Protocol (OCSP) Responders management
- Review and change OCSP Responder settings
- Change OCSP URL priorities
All of these support bulk operations, filtering, and reporting. All are available with their source PowerShell code for your reference and scripting.
Could you ask for more? Please submit your feedback to Vadims – this will help him improve the pack.
Read more about the pack, see the screenshots, and download the tool here.
Are you also into PowerShell and have a great idea of a tool to make someone’s life easier – go for it – create your PowerPack and submit it to the contest!