The local root certificate entries can be viewed within Windows using PowerShell.
ls CERT:\CurrentUser\AuthRoot
$store = New-Object System.Security.Cryptography.X509Certificates.X509Store("root","LocalMachine")
$store.Open("ReadOnly")
$store.certificates | select ThumbPrint,FriendlyName,NotAfter
A script is available at https://isc.sans.edu/forums/diary/Keep+An+Eye+on+your+Root+Certificates/23030/ to compare hashes to a previous dump.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.