Mirrors/pfSense-Certificate-Viewer
1
0
Fork 0
mirror of https://github.com/alvarsedano/pfSense-Certificate-Viewer.git synced 2025-04-19 08:55:11 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update pfSenseCertViewer.ps1

Browse Source
This commit is contained in:
Alvaro Sedano 2019-07-21 17:53:58 +02:00 committed by GitHub
parent ba9277c62d
commit f7d68bc8f8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 34 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
pfSenseCertViewer.ps1
View File

@ -1,13 +1,26 @@
#### ####
### Extracting pfSense Certificates (without private key) ### Extracting pfSense Certificates (without private key)
#### ####
# Redefine the $cfg string variable to point to a valid unecripted pfSense Configuration XML file # Redefine the $cfg string variable to point to a valid unecripted pfSense Configuration XML file.
# You can also pass the command line FilePath parameter as path to the input XML cfg file
# The script will return the CA certificates, Server certificates, User certificated (used or not used) and duplicate Serial Number Certificates # The script will return the CA certificates, Server certificates, User certificated (used or not used) and duplicate Serial Number Certificates
# #
# Tested on PowerShell 5 and avobe # Tested on PowerShell 5 and avobe
# Created by Alvaro Sedano Galindo. al_sedano@hotmail.com # Created by Alvaro Sedano Galindo. al_sedano@hotmail.com
# #
#[CmdletBinding()]
Param (
[Parameter(Mandatory=$false,
Position=0,
ValueFromPipeline=$true,
ValueFromPipelineByPropertyName=$true)]
[Alias("File")]
[string]$FilePath)
Function Get-CN { Function Get-CN {
Param([Parameter(Mandatory=$true)][string]$name) Param([Parameter(Mandatory=$true)][string]$name)
if($name -match "CN=([^,]*)") { if($name -match "CN=([^,]*)") {
@ -53,26 +66,40 @@ Function Add-Lista {
# BODY # BODY
# #
# Check if param 0 is assigned
if ($FilePath -eq $null -or $FilePath -eq '') {
[string]$cfg = "$env:USERPROFILE\Downloads\config-pfSense01.private.xml"
}
else {
# Use the FilePath console input parameter
[string]$cfg = $FilePath
}
if (-not (Test-Path -Path $cfg)) {
Write-Host "File '$cfg' not found. Process stopped." -BackgroundColor DarkRed
Exit 1
}
#Read XML pfSense config file #Read XML pfSense config file
[string]$cfg = "$env:USERPROFILE\Downloads\config-pfSense01.private.xml" [xml]$fxml = Get-Content $cfg -Encoding Default
[xml]$aaa = Get-Content $cfg -Encoding Default
#Get the CRL revocation list #Get the CRL revocation list
[DateTime]$time0 = '1970-01-01' [DateTime]$time0 = '1970-01-01'
[array]$listaR = @() [array]$listaR = @()
foreach($r in $aaa.pfsense.crl) { foreach($r in $fxml.pfsense.crl) {
$listaR += $r.cert | Select @{N='listRev';E={$r.descr.'#cdata-section'}}, caref, refid, reason, @{N='revDate';E={$time0.AddSeconds($_.revoke_time)}} $listaR += $r.cert | Select @{N='listRev';E={$r.descr.'#cdata-section'}}, caref, refid, reason, @{N='revDate';E={$time0.AddSeconds($_.revoke_time)}}
} }
#Add CA Certificates to $listaC (WITHOUT private keys) #Add CA Certificates to $listaC (WITHOUT private keys)
[array]$listaC = @() [array]$listaC = @()
Add-Lista -lista ([ref]$listaC) -obj ([ref]$aaa.pfsense.ca) -fromCA $true Add-Lista -lista ([ref]$listaC) -obj ([ref]$fxml.pfsense.ca) -fromCA $true
#Add user/server certificates to $listaC (WITHOUT private keys) #Add user/server certificates to $listaC (WITHOUT private keys)
Add-Lista -lista ([ref]$listaC) -obj ([ref]$aaa.pfsense.cert) -fromCA $false Add-Lista -lista ([ref]$listaC) -obj ([ref]$fxml.pfsense.cert) -fromCA $false
#Note: User Certificates created with old pfSense versions can set the EnhancedKeyUsageList property to <empty> #Note: User Certificates created with old pfSense versions can set the EnhancedKeyUsageList property to <empty>
Remove-Variable aaa, r Remove-Variable fxml, r
#List of CA Certificates #List of CA Certificates
Write-Output "`nCA Certificates" Write-Output "`nCA Certificates"