PowerShell: Parse Specific Item from Output Formatted as List

2
votes

I need to programmatically determine if a specific certificate is involved, which is trivial. However, I'd like the output to only contain the subject line of said certificate.

Using the following, I can get a list of installed certificates:

Get-ChildItem -Recurse Cert:

========================================================================

Subject      : CN=VeriSign Class 3 Public Primary Certification Authority - G5
Issuer       : CN=VeriSign Class 3 Public Primary Certification Authority - G5
Thumbprint   : 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5
FriendlyName : VeriSign
NotBefore    : 11/7/2006 6:00:00 PM
NotAfter     : 7/16/2036 6:59:59 PM
Extensions   : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid}

Subject      : CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
Issuer       : CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
Thumbprint   : 47BEABC922EAE80E78783462A79F45C254FDE68B
FriendlyName : Go Daddy Root Certificate Authority – G2
NotBefore    : 8/31/2009 7:00:00 PM
NotAfter     : 12/31/2037 5:59:59 PM
Extensions   : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid}

Subject      : CN=StartCom Certification Authority, OU=Secure Digital     Certificate Signing, O=StartCom Ltd., C=IL
Issuer       : CN=StartCom Certification Authority, OU=Secure Digital    Certificate Signing, O=StartCom Ltd., C=IL
Thumbprint   : 3E2BF7F2031B96F38CE6C4D8A85D3E2D58476A0F
FriendlyName : StartCom Certification Authority
NotBefore    : 9/17/2006 2:46:36 PM
NotAfter     : 9/17/2036 2:46:36 PM
Extensions   : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid.}

Using this one I can find only the sections with a specific string:

Get-ChildItem -Recurse Cert: | select-string "CN=Go Daddy Root Certificate Authority"

========================================================================

Subject      : CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
Issuer       : CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
Thumbprint   : 47BEABC922EAE80E78783462A79F45C254FDE68B
FriendlyName : Go Daddy Root Certificate Authority – G2
NotBefore    : 8/31/2009 7:00:00 PM
NotAfter     : 12/31/2037 5:59:59 PM
Extensions   : {System.Security.Cryptography.Oid, System.Security.Cryptography.Oid, System.Security.Cryptography.Oid}

However, I'd like to get only the "Subject" line so that my output is a single line. Ideally, the output looks like 

CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US

but as long as the single-line output contains only the certificate in question the result is fine.

1
powershellcertificate

1 Answers

4
votes

You could do something like:

Get-ChildItem -Recurse Cert: | Where-Object { $_.Subject -like 'CN=Go Daddy Root Certificate Authority*' } | Select Subject

Using Select-String makes you lose the objects that you are interested in, and then you are left to dealing with strings.

Note that you can find the particular certificate you are looking for by using a different property in the like comparison, such as FriendlyName. Example:

Get-ChildItem -Recurse Cert: | Where-Object { $_.FriendlyName -like 'Go Daddy Root Certificate Authority*' } | Select Subject