PowerShell

How to Retrieve an SSL Thumbprint in Windows using PowerShell

SysEnthusiast2 Comments

When you need to specify claims found in a certificate for client or server authentication, you may need to submit a Thumbprint claim.

This can be performed also by using MMC. https://techdirectarchive.com/2020/01/05/how-to-retrieve-an-ssl-thumbprint-in-windows-using-mmc/

From the Start Menu, Search for PowerShell
– Right-click on it and select run as an Administrator

This will open up the Windows PowerShell. Run the follow cmdlets below.

Get-ChildItem -path cert:\LocalMachine\My

In the screenshot above, you will be able to see the thumbprint, copy your desired thumbprint and paste wherever you wish to make use of it.

PowerShell Remoting | Windows Management Instrumentation

SysEnthusiastLeave a comment

As defined by Microsoft: Windows PowerShell remoting lets you run any Windows PowerShell command on one or more remote computers. You can establish persistent connections, start interactive sessions, and run scripts on remote computers. PowerShell remoting is similar to SSH used in accessing remote computers.

PowerShell Remoting uses the Windows Management Instrumentation (protocol) – WMI is a set of specifications from Microsoft for consolidating the management of devices and applications in a network from Windows systems. WMI provides information about the status of local or remote computer systems to users.

Note: PowerShell is disabled by default, so you will have to enable PowerShell Remoting before it can be used.

This is the Commandline tool needed to have the WMI enabled, But in my lab, it was already running as displayed. Simply enter

  • winrm quickconfig

Since this is already enabled and running as stated, we will proceed to access computers remotely.

If you wish to enable PowerShell Remoting via Powershell cmdlet, simply run the command below.

  • Enable-PSRemoting -Force

As you can see, the WinRM service is already running. The next step would be to access our computers remotely.

Note: in order to achieve success in setting up PowerShell Remoting in your domain depends on how your network is provisioned. Most-times, this service can be disabled via GPO. You will need an Administrative privilege in order to administer PowerShell Remoting.

Now that we have successfully connected to a computer on our network as shown above.
– Lets us now perform certain operations to get the computer system and security logs. Kindly see the image below for these steps.

Note: You can also connect to multiple computers at the same time and this requires using the PowerShell invoke cmdlet as shown below

Invoke-Command -ComputerName COMPUTER -ScriptBlock { COMMAND } -credential USERNAME

Cmdlet explanation: “computer” here represents the remote PC name or IP Address. “Command” here is the command you intend to run. “USERNAME” is the username you want to run the command as on the remote computer. This should have the needed Administrative privileges.

Note: You’ll be prompted to enter the desired password for the username

Further Tips: Needed to have a mastery of this service.
– Restart-Service WinRM
– Test-WsMan COMPUTER (This is needed to test if the WinRM service is running on the remote computer). If this executes successfully, then everything is alright.