PowerShell
PowerShell
Get Certificate CRL Distribution Points
See more Certificates Examples
Demonstrates how to get a certificate's CRL Distribution Points extension data (assuming it exists). In the vast majority of cases, there will be one CRL Distribution Point.Note: This example requires Chilkat v9.5.0.76 or greater.
Chilkat PowerShell Downloads
Add-Type -Path "C:\chilkat\ChilkatDotNet47-x64\ChilkatDotNet47.dll"
$success = $false
$cert = New-Object Chilkat.Cert
$success = $cert.LoadFromFile("qa_data/certs/test_haswdt.cer")
if ($success -ne $true) {
$($cert.LastErrorText)
exit
}
# Get the CRL Distribution Points extension, which is at OID 2.5.29.31
$extensionXmlStr = $cert.GetExtensionAsXml("2.5.29.31")
if ($cert.LastMethodSuccess -eq $false) {
$("Certificate does not have the CDP extension.")
exit
}
$xml = New-Object Chilkat.Xml
$xml.LoadXml($extensionXmlStr)
# See what we have..
$($xml.GetXml())
# We should get XML like this:
# <?xml version="1.0" encoding="utf-8" ?>
# <sequence>
# <sequence>
# <contextSpecific tag="0" constructed="1">
# <contextSpecific tag="0" constructed="1">
# <contextSpecific tag="6" constructed="0">aHR0cDovL2NybC5jb21vZG9jYS5jb20vQ09NT0RPUlNBQ2xpZW50QXV0aGVudGljYXRpb25hbmRTZWN1
# cmVFbWFpbENBLmNybA==</contextSpecific>
# </contextSpecific>
# </contextSpecific>
# </sequence>
# </sequence>
#
# Assuming there is one CRL Distribution Point...
$sbDistPoint = New-Object Chilkat.StringBuilder
$success = $xml.GetChildContentSb("sequence|contextSpecific|contextSpecific|contextSpecific",$sbDistPoint)
if ($success -eq $true) {
$sbDistPoint.Decode("base64","utf-8")
$("CRL Distribution Point: " + $sbDistPoint.GetAsString())
}
# Sample output:
# CRL Distribution Point: http://crl.comodoca.com/COMODORSAClientAuthenticationandSecureEmailCA.crl