PowerShell
PowerShell
Get Certificate Authority Information Access
See more Certificates Examples
Demonstrates how to get a certificate's Authority Information Access extension data (if it exists).Note: This example requires Chilkat v9.5.0.76 or greater.
Chilkat PowerShell Downloads
Add-Type -Path "C:\chilkat\ChilkatDotNet47-x64\ChilkatDotNet47.dll"
$success = $false
$cert = New-Object Chilkat.Cert
$success = $cert.LoadFromFile("qa_data/certs/test_haswdt.cer")
if ($success -ne $true) {
$($cert.LastErrorText)
exit
}
# Get the Authority Information Access extension, which is at OID 1.3.6.1.5.5.7.1.1
$extensionXmlStr = $cert.GetExtensionAsXml("1.3.6.1.5.5.7.1.1")
if ($cert.LastMethodSuccess -eq $false) {
$("Certificate does not have the AuthInfoAccess extension.")
exit
}
$xml = New-Object Chilkat.Xml
$xml.LoadXml($extensionXmlStr)
# See what we have..
$($xml.GetXml())
# We should get XML like this:
# <?xml version="1.0" encoding="utf-8" ?>
# <sequence>
# <sequence>
# <oid>1.3.6.1.5.5.7.48.2</oid>
# <contextSpecific tag="6" constructed="0">aHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1
# cmVFbWFpbENBLmNydA==</contextSpecific>
# </sequence>
# <sequence>
# <oid>1.3.6.1.5.5.7.48.1</oid>
# <contextSpecific tag="6" constructed="0">aHR0cDovL29jc3AuY29tb2RvY2EuY29t</contextSpecific>
# </sequence>
# </sequence>
# Typically, a certificate AIA(Authority Information access) contains 2 parts:
#
# On-line Certificate Status Protocol (1.3.6.1.5.5.7.48.1)
# Certification Authority Issuer (1.3.6.1.5.5.7.48.2)
#
# The base64 content for each OID (in this case) is just a string.
# The data can be accessed and decoded like this:
$sbOcsp = New-Object Chilkat.StringBuilder
$success = $xml.GetChildContentSb("/C/oid,1.3.6.1.5.5.7.48.1|++",$sbOcsp)
if ($success -eq $true) {
$sbOcsp.Decode("base64","utf-8")
$("1.3.6.1.5.5.7.48.1: " + $sbOcsp.GetAsString())
}
$sbIssuer = New-Object Chilkat.StringBuilder
$success = $xml.GetChildContentSb("/C/oid,1.3.6.1.5.5.7.48.2|++",$sbIssuer)
if ($success -eq $true) {
$sbIssuer.Decode("base64","utf-8")
$("1.3.6.1.5.5.7.48.2: " + $sbIssuer.GetAsString())
}
# The output looks like this:
# 1.3.6.1.5.5.7.48.1: http://ocsp.comodoca.com
# 1.3.6.1.5.5.7.48.2: http://crt.comodoca.com/COMODORSAClientAuthenticationandSecureEmailCA.crt
# -------------------------------------------------------------------------------
# Note: The Chilkat path passed to GetChildContentSb is composed of two commands:
# The first command is "/C/oid,1.3.6.1.5.5.7.48.1". It says "traverse the XML tree from the caller
# node and stop at the 1st node having tag = "oid" and content = "1.3.6.1.5.5.7.48.1".
# The "|" char separates the 1st command from the 2nd.
# The 2nd command is "++" and says "move to the next sibling".