windows 是否有命令行实用程序来提取证书指纹?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/4540970/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Is there a command line utility to extract the certificate thumbprint?
提问by mark
I have created a machine certificate. It appears in the Certificates (Local Computer)\Personal\Certificatescertificate repository folder. Now I wish to extract its thumbprint using a command line utility.
我已经创建了一个机器证书。它出现在Certificates (Local Computer)\Personal\Certificates证书存储库文件夹中。现在我希望使用命令行实用程序提取其指纹。
Unfortunately, the closest thing that I could find is in this article.
不幸的是,我能找到的最接近的东西是在这篇文章中。
I need to be able to perform this procedure on any Windows OS starting with XP.
我需要能够在从 XP 开始的任何 Windows 操作系统上执行此过程。
Thanks.
谢谢。
采纳答案by Paul
Old, but maybe this will help someone. Put the following in a powershell script(.ps1) and run it. It will print the thumb to the screen. watch the word wrap in my paste.
旧的,但也许这会帮助某人。将以下内容放入 powershell 脚本 (.ps1) 中并运行它。它会将拇指打印到屏幕上。观看我粘贴中的自动换行。
$computerName = $Env:Computername
$domainName = $Env:UserDnsDomain
write-host "CN=$computername.$domainname"
$getThumb = Get-ChildItem -path cert:\LocalMachine\My | where { $_.Subject -match "CN\=$Computername\.$DomainName" }
$getThumb.thumbprint
回答by kreinsch
Direct from command-line for a .cer file that isn't installed, and removes the embedded spaces (can probably be improved):
直接从命令行获取未安装的 .cer 文件,并删除嵌入的空格(可能可以改进):
certutil.exe <mycert>.cer | findstr /c:"Cert Hash(sha1)" | for /f "tokens=3-22" %f in ('more') do @echo %f%g%h%i%j%k%l%m%n%o%p%q%r%s%t%u%v%w%x%y
回答by Vadim
Get thumbprint directly from file .cer
直接从文件 .cer 获取指纹
const certpath = "\host\res\something.cer"
dim objStdOut
dim strLine, resString
set objStdOut = CreateObject("WScript.Shell").Exec("certutil " & certpath).StdOut
while not objStdOut.AtEndOfStream
strLine = objStdOut.ReadLine
if InStr(strLine, "(sha1)") > 0 then resString = trim(split(strLine, ":")(1))
wend
wscript.echo resString
回答by Gregg B. Jensen
In my case I could not use PowerShell, so I wrote this script to run with cscript.exe that will get you the thumb using a Regular Expression.
在我的情况下,我无法使用 PowerShell,所以我编写了这个脚本来运行 cscript.exe,它将使用正则表达式为您提供拇指。
If WScript.Arguments.Count() = 0 Then
WScript.Echo "Domain name to search for must be specified as first parameter."
WScript.Quit 1
End If
domain = WScript.Arguments.Item(0)
Set objShell = WScript.CreateObject ("WScript.shell")
' Get all certificate information in store.
Set objCert = objShell.Exec("certutil -store my")
certOutput = ""
Do While objCert.Status = 0
WScript.Sleep 10
Do While Not objCert.StdOut.AtEndOfStream
certOutput = certOutput & objCert.StdOut.ReadLine & vbNewLine
Loop
Loop
' Capture thumb for specified certificate using Regex.
Set thumbRegex = New RegExp
thumbRegex.Pattern = "Subject:\s+CN=" & domain & "\s*\n.*\n.*\nCert\sHash\(sha1\):\s+(.*)"
thumbRegex.IgnoreCase = True
thumbRegex.Global = False
' Verify match and trim out white space.
Set match = thumbRegex.Execute(certOutput)
result = ""
If match.Count > 0 Then
result = match.Item(0).Submatches(0)
result = Replace(result, " ", "")
WScript.Echo result
Else
WScript.Echo "The certificate for """ & domain & """ was not found."
WScript.Quit 2
End If
回答by B. Leslie
Here is a simple python script to do this:
这是一个简单的python脚本来做到这一点:
def getThumbPrint(cert, passwd):
val = ""
info = subprocess.Popen(["certutil", "-p", passwd, cert], shell=False, stdout=subprocess.PIPE)
for i in info.communicate()[0].split('\n'):
if i.startswith("Cert Hash(sha1):"):
val = i.split(':')[1].strip()
# There may be more than 1, we want the last one.
return val
