VBScript: how to manage SSL certificates

luca 24/10/2013 0

Yesterday at work I needed to write a script to check if an SSL certificate was present in the user’s store and – if not – to automatically import it…

CAPICOM

CAPICOM is an ActiveX control that exposes, via Microsoft COM, a set of functions from the Windows CryptoAPI.

In VBScript, we can therefore call the CreateObject to get an instance of its store object:

Set store = CreateObject("CAPICOM.Store")

Using the open method, we can now open a given store.

The stores available are defined by constants:

Const CAPICOM_MEMORY_STORE				= 0
Const CAPICOM_LOCAL_MACHINE_STORE			= 1
Const CAPICOM_CURRENT_USER_STORE 			= 2
Const CAPICOM_ACTIVE_DIRECTORY_USER_STORE 		= 3
Const CAPICOM_SMART_CARD_USER_STORE			= 4

so the different open modes:

Const CAPICOM_STORE_OPEN_READ_ONLY 		= 0
Const CAPICOM_STORE_OPEN_READ_WRITE 		= 1
Const CAPICOM_STORE_OPEN_MAXIMUM_ALLOWED 	= 2
Const CAPICOM_STORE_OPEN_EXISTING_ONLY		= 128
Const CAPICOM_STORE_OPEN_INCLUDE_ARCHIVED 	= 256

For example, let’s open the user’s personal (“My“) store in read only:

store.Open CAPICOM_CURRENT_USER_STORE, "My", CAPICOM_STORE_OPEN_READ_ONLY

Now we can obtain the certificates and, for each of them, print its SubjectName:

For Each cert In store.CERTIFICATES
  WScript.Echo cert.SubjectName
Next

or use the available methods to import, export, delete the certificates…

CAPICOM is not included in Windows 64bit… Ryan Hurts in this blog post explains how to install it and how to use it also with those OSes.

Leave A Response »

This website uses cookies to ensure you get the best experience on our website maggiori informazioni

Questo sito utilizza i cookie per fonire la migliore esperienza di navigazione possibile. Continuando a utilizzare questo sito senza modificare le impostazioni dei cookie o clicchi su "Accetta" permetti al loro utilizzo.

Chiudi