PowerShell Core, OSX, and Certificates

%3CLINGO-SUB%20id%3D%22lingo-sub-89447%22%20slang%3D%22en-US%22%3EPowerShell%20Core%2C%20OSX%2C%20and%20Certificates%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-89447%22%20slang%3D%22en-US%22%3E%3CP%3EI%20wrote%20functions%20to%20encrypt%20and%20decrypt%20shared%20passwords.%20They%20work%20great%20on%20windows%20but%20we%20need%20to%20be%20able%20to%20run%20them%20on%20the%20Macs%20too.%20Part%20of%20the%20voodoo%20is%20an%20RSA%20cert%20loaded%20on%20each%20machine%20that%20exposes%26nbsp%3Bits%20private%26nbsp%3Bkey%20to%20do%20the%20encryption%2Fdecryption%20with.%20I%20can%20get%20the%20cert%20into%20Keychain%20but%20cannot%26nbsp%3Bfind%20a%20programmatic%20way%20to%20get%20it%20out%20again.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThe%20first%20piece%20of%20code%2C%20in%20part%2C%20does%20this%3A%3C%2FP%3E%3CP%3E%24thumbprint%20%3D%20'%3CTHUMB%20print%3D%22%22%20goes%3D%22%22%20here%3D%22%22%3E'%3CBR%20%2F%3E%24cert%20%3D%20Get-Item%20-Path%20Cert%3A%5CLocalMachine%5CMy%5C%24thumbprint%20-ErrorAction%20Stop%3C%2FTHUMB%3E%3C%2FP%3E%3CP%3E%3CBR%20%2F%3ECurrently%20there%20is%20no%20corresponding%20Cert%20drive%20on%20OSX%20to%20expose%20certificates%20through.%20It's%20feature%20request%20listed%20on%20the%20PowerShell%20Github%20site%20that%20isn't%20going%20to%20get%20worked%20on%20until%20after%20Core%206.0%20ships.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EDoes%20anyone%20have%20an%20idea%20how%20to%20use%20bash%20or%20something%20similar%20-%20or%20-%20a%20powershell%20way%20other%20than%20Get-Item%20to%20get%20into%20Keychain%20on%20OSX%20and%20pull%20a%20cert%20out%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ECheers%3C%2FP%3E%3CP%3EJohn%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-89447%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EWindows%20PowerShell%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
Highlighted
Occasional Visitor

I wrote functions to encrypt and decrypt shared passwords. They work great on windows but we need to be able to run them on the Macs too. Part of the voodoo is an RSA cert loaded on each machine that exposes its private key to do the encryption/decryption with. I can get the cert into Keychain but cannot find a programmatic way to get it out again.

 

The first piece of code, in part, does this:

$thumbprint = '<thumb print goes here>'
$cert = Get-Item -Path Cert:\LocalMachine\My\$thumbprint -ErrorAction Stop


Currently there is no corresponding Cert drive on OSX to expose certificates through. It's feature request listed on the PowerShell Github site that isn't going to get worked on until after Core 6.0 ships.

 

Does anyone have an idea how to use bash or something similar - or - a powershell way other than Get-Item to get into Keychain on OSX and pull a cert out?

 

Cheers

John

0 Replies