curt

1.0.0

curt.psm1

                                <#

.SYNOPSIS

Interactive certificate picker using fzf. Outputs serial numbers for piping to certutil.

.DESCRIPTION

Lists certificates from a certificate store, presents an fzf multi-select picker,

and outputs the serial number(s) of selected certificates.

.EXAMPLE

# Browse and select certs (interactive)

curt

# Use LocalMachine store (requires admin)

curt -Store Lm

# Delete selected certs

curt | ForEach-Object { certutil -delstore My $_ }

# Delete from LocalMachine store

curt -Store Lm | ForEach-Object { certutil -delstore -enterprise My $_ }

#>

function Invoke-Curt {

    [CmdletBinding()]

    [Alias('curt')]

    param(

        [Parameter()]

        [ValidateSet('My', 'Lm')]

        [string]$Store = 'My'

    )

    $certPath = if ($Store -eq 'Lm') { 'Cert:\LocalMachine\My' } else { 'Cert:\CurrentUser\My' }

    $storeName = if ($Store -eq 'Lm') { 'LocalMachine\My' } else { 'CurrentUser\My' }

    $certs = Get-ChildItem $certPath | ForEach-Object {

        $expiry = $_.NotAfter.ToString('yyyy-MM-dd')

        $serial = $_.SerialNumber

        $subject = $_.Subject

        if ($subject.Length -gt 60) { $subject = $subject.Substring(0, 57) + '...' }

        # format: SERIAL | EXPIRY | SUBJECT

        "{0}  |  {1}  |  {2}" -f $serial, $expiry, $subject

    }

    if (-not $certs) {

        Write-Warning "No certificates found in $storeName"

        return

    }

    $header = "[$storeName] TAB=select  ENTER=confirm  ESC=cancel"

    $selected = $certs | fzf -m --header $header --reverse

    if (-not $selected) { return }

    # Extract serial number (everything before the first |)

    $selected | ForEach-Object {

        ($_ -split '\|')[0].Trim()

    }

}

Export-ModuleMember -Function Invoke-Curt -Alias curt