Private/Certutil/Invoke-CertreqRetrieve.ps1
|
function Invoke-CertreqRetrieve { param( [Parameter(Mandatory)] [System.Management.Automation.Runspaces.PSSession] $Session, [Parameter(Mandatory)] [string] $RequestID ) $sb = { param([string]$RequestID) $caName = (Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration' ` -Name 'Active').Active $tempCert = [IO.Path]::Combine([IO.Path]::GetTempPath(), "$([IO.Path]::GetRandomFileName()).cer") try { $output = & certreq.exe -config ".\$caName" -retrieve $RequestID $tempCert 2>&1 $exitCode = $LASTEXITCODE $certBase64 = $null $status = if ($exitCode -ne 0) { 'Failed' } elseif (Test-Path $tempCert) { $certBase64 = [Convert]::ToBase64String([IO.File]::ReadAllBytes($tempCert)) 'Issued' } else { 'Pending' } [PSCustomObject]@{ RequestID = $RequestID Status = $status CertBase64 = $certBase64 ExitCode = $exitCode RawOutput = $output -join "`n" } } finally { Remove-Item -Path $tempCert -ErrorAction SilentlyContinue } } $result = Invoke-Command -Session $Session -ScriptBlock $sb -ArgumentList $RequestID -ErrorAction Stop if ($result.Status -eq 'Failed') { throw "certreq -retrieve failed for RequestID $RequestID (exit code $($result.ExitCode)): $($result.RawOutput)" } $result } |