I'm using the following command to get a list of issued certificates in a Windows Server machine with Active Directory Certificate Services (ADCS) installed.
certutil -restrict 'Disposition=20' -out 'Binary Certificate' -view
It's all working fine and I get a list of X509 strings. Now, I want the same results, but with some type of pagination, so I can get a specific number of issued certificates for each call of this comand.
I didn't found anything in the man page for certuitl, but I'm able to use other tools to get it done, even if some Powershell utility is needed.
Just for clarification, I'm using this command through a script that calls it over WinRM connection, so I need to solve it programmatically.
Currently, when I use the command I got a long string with all isued certificates. For example, if I have 3 issued certificates the output of this command will be:
Row 1:
Binary Certificate:
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIRALL+P2asRHyfAgAAAAB9mgMwDQYJKoZIhvcNAQELBQAw
QjELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFUdvb2dsZSBUcnVzdCBTZXJ2aWNlczET
MBEGA1UEAxMKR1RTIENBIDFPMTAeFw0yMDEwMDYwNjQxMjBaFw0yMDEyMjkwNjQx
MjBaMGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH
Ew1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKEwpHb29nbGUgTExDMRcwFQYDVQQDEw53
d3cuZ29vZ2xlLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGp8Sp01kEsr
Gz98cyb/Kt+xvLJzsqGgIAOXjdHfjOzOUJTiMJIB/NIpQnDvNZ9L3qF3Zl2ecyFY
ZoI5LMyTrImjggJcMIICWDAOBgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYB
BQUHAwEwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUXXztHYUOkjN796BgKuPdcGaL
iVswHwYDVR0jBBgwFoAUmNH4bhDrz5vsYJ8YkBug630J/SswaAYIKwYBBQUHAQEE
XDBaMCsGCCsGAQUFBzABhh9odHRwOi8vb2NzcC5wa2kuZ29vZy9ndHMxbzFjb3Jl
MCsGCCsGAQUFBzAChh9odHRwOi8vcGtpLmdvb2cvZ3NyMi9HVFMxTzEuY3J0MBkG
A1UdEQQSMBCCDnd3dy5nb29nbGUuY29tMCEGA1UdIAQaMBgwCAYGZ4EMAQICMAwG
CisGAQQB1nkCBQMwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5wa2kuZ29v
Zy9HVFMxTzFjb3JlLmNybDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2ALIeBcyL
os2KIE6HZvkruYolIGdr2vpw57JJUy3vi5BeAAABdPzbivQAAAQDAEcwRQIgdhDC
6bAIuOvy8noeZWMbiudTQpTGD1Wkx4yeSSf1aiMCIQC2HHLZRGjNa043bqXSunpm
BadlxXX2pTa4GaLYAxvk9wB2AOcS8rA3fhpi+47JDGGE8ep7N8tWHREmW/Pg80vy
QVRuAAABdPzbivcAAAQDAEcwRQIgSq5jcykP0BrVPo/51u9PIdC63A5l/vFcUsj2
r5Ro4S8CIQDHff9rJmMTsXLviBW+/zAy1gWBKbqqdnNh/pXixUGtgTANBgkqhkiG
9w0BAQsFAAOCAQEAZXv8x/2Z/+1vAyuwVtx3Euw+pDfPF3UNuFJ64NzdYw8+xLK5
W31ILMOpQII1ERfkU2IxmoQlVpVBYNNMkBnMPNMSBzzlQNAxxL8Ze5JKE5sOkb/8
FoqAwWQYNERcUJ1u3y2viiR7chBLGElo7yXMJgx1so9HD8NVR3rEA9oScBVW5udV
Cjg0b0RCOKFU8e+xoaKX7/OeNddrwoVZnRmwvUddbx2rqU8TZdvJMAQaecot8bty
TVPk+4gxuNxIZSLufY7uDh/qZYNSc2/pSfyyM8CKO54Uq8VqVVb5tGmSXLWRbtBY
pM8zLEwTp1yoOFB3P5GCrZX63/USA8COaE32Ow==
-----END CERTIFICATE-----
Row 2:
Binary Certificate:
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIRALL+P2asRHyfAgAAAAB9mgMwDQYJKoZIhvcNAQELBQAw
QjELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFUdvb2dsZSBUcnVzdCBTZXJ2aWNlczET
MBEGA1UEAxMKR1RTIENBIDFPMTAeFw0yMDEwMDYwNjQxMjBaFw0yMDEyMjkwNjQx
MjBaMGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH
Ew1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKEwpHb29nbGUgTExDMRcwFQYDVQQDEw53
d3cuZ29vZ2xlLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGp8Sp01kEsr
Gz98cyb/Kt+xvLJzsqGgIAOXjdHfjOzOUJTiMJIB/NIpQnDvNZ9L3qF3Zl2ecyFY
ZoI5LMyTrImjggJcMIICWDAOBgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYB
BQUHAwEwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUXXztHYUOkjN796BgKuPdcGaL
iVswHwYDVR0jBBgwFoAUmNH4bhDrz5vsYJ8YkBug630J/SswaAYIKwYBBQUHAQEE
XDBaMCsGCCsGAQUFBzABhh9odHRwOi8vb2NzcC5wa2kuZ29vZy9ndHMxbzFjb3Jl
MCsGCCsGAQUFBzAChh9odHRwOi8vcGtpLmdvb2cvZ3NyMi9HVFMxTzEuY3J0MBkG
A1UdEQQSMBCCDnd3dy5nb29nbGUuY29tMCEGA1UdIAQaMBgwCAYGZ4EMAQICMAwG
CisGAQQB1nkCBQMwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5wa2kuZ29v
Zy9HVFMxTzFjb3JlLmNybDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2ALIeBcyL
os2KIE6HZvkruYolIGdr2vpw57JJUy3vi5BeAAABdPzbivQAAAQDAEcwRQIgdhDC
6bAIuOvy8noeZWMbiudTQpTGD1Wkx4yeSSf1aiMCIQC2HHLZRGjNa043bqXSunpm
BadlxXX2pTa4GaLYAxvk9wB2AOcS8rA3fhpi+47JDGGE8ep7N8tWHREmW/Pg80vy
QVRuAAABdPzbivcAAAQDAEcwRQIgSq5jcykP0BrVPo/51u9PIdC63A5l/vFcUsj2
r5Ro4S8CIQDHff9rJmMTsXLviBW+/zAy1gWBKbqqdnNh/pXixUGtgTANBgkqhkiG
9w0BAQsFAAOCAQEAZXv8x/2Z/+1vAyuwVtx3Euw+pDfPF3UNuFJ64NzdYw8+xLK5
W31ILMOpQII1ERfkU2IxmoQlVpVBYNNMkBnMPNMSBzzlQNAxxL8Ze5JKE5sOkb/8
FoqAwWQYNERcUJ1u3y2viiR7chBLGElo7yXMJgx1so9HD8NVR3rEA9oScBVW5udV
Cjg0b0RCOKFU8e+xoaKX7/OeNddrwoVZnRmwvUddbx2rqU8TZdvJMAQaecot8bty
TVPk+4gxuNxIZSLufY7uDh/qZYNSc2/pSfyyM8CKO54Uq8VqVVb5tGmSXLWRbtBY
pM8zLEwTp1yoOFB3P5GCrZX63/USA8COaE32Ow==
-----END CERTIFICATE-----
Row 3:
Binary Certificate:
-----BEGIN CERTIFICATE-----
MIIEyDCCA7CgAwIBAgIRALL+P2asRHyfAgAAAAB9mgMwDQYJKoZIhvcNAQELBQAw
QjELMAkGA1UEBhMCVVMxHjAcBgNVBAoTFUdvb2dsZSBUcnVzdCBTZXJ2aWNlczET
MBEGA1UEAxMKR1RTIENBIDFPMTAeFw0yMDEwMDYwNjQxMjBaFw0yMDEyMjkwNjQx
MjBaMGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQH
Ew1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKEwpHb29nbGUgTExDMRcwFQYDVQQDEw53
d3cuZ29vZ2xlLmNvbTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGp8Sp01kEsr
Gz98cyb/Kt+xvLJzsqGgIAOXjdHfjOzOUJTiMJIB/NIpQnDvNZ9L3qF3Zl2ecyFY
ZoI5LMyTrImjggJcMIICWDAOBgNVHQ8BAf8EBAMCB4AwEwYDVR0lBAwwCgYIKwYB
BQUHAwEwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUXXztHYUOkjN796BgKuPdcGaL
iVswHwYDVR0jBBgwFoAUmNH4bhDrz5vsYJ8YkBug630J/SswaAYIKwYBBQUHAQEE
XDBaMCsGCCsGAQUFBzABhh9odHRwOi8vb2NzcC5wa2kuZ29vZy9ndHMxbzFjb3Jl
MCsGCCsGAQUFBzAChh9odHRwOi8vcGtpLmdvb2cvZ3NyMi9HVFMxTzEuY3J0MBkG
A1UdEQQSMBCCDnd3dy5nb29nbGUuY29tMCEGA1UdIAQaMBgwCAYGZ4EMAQICMAwG
CisGAQQB1nkCBQMwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5wa2kuZ29v
Zy9HVFMxTzFjb3JlLmNybDCCAQQGCisGAQQB1nkCBAIEgfUEgfIA8AB2ALIeBcyL
os2KIE6HZvkruYolIGdr2vpw57JJUy3vi5BeAAABdPzbivQAAAQDAEcwRQIgdhDC
6bAIuOvy8noeZWMbiudTQpTGD1Wkx4yeSSf1aiMCIQC2HHLZRGjNa043bqXSunpm
BadlxXX2pTa4GaLYAxvk9wB2AOcS8rA3fhpi+47JDGGE8ep7N8tWHREmW/Pg80vy
QVRuAAABdPzbivcAAAQDAEcwRQIgSq5jcykP0BrVPo/51u9PIdC63A5l/vFcUsj2
r5Ro4S8CIQDHff9rJmMTsXLviBW+/zAy1gWBKbqqdnNh/pXixUGtgTANBgkqhkiG
9w0BAQsFAAOCAQEAZXv8x/2Z/+1vAyuwVtx3Euw+pDfPF3UNuFJ64NzdYw8+xLK5
W31ILMOpQII1ERfkU2IxmoQlVpVBYNNMkBnMPNMSBzzlQNAxxL8Ze5JKE5sOkb/8
FoqAwWQYNERcUJ1u3y2viiR7chBLGElo7yXMJgx1so9HD8NVR3rEA9oScBVW5udV
Cjg0b0RCOKFU8e+xoaKX7/OeNddrwoVZnRmwvUddbx2rqU8TZdvJMAQaecot8bty
TVPk+4gxuNxIZSLufY7uDh/qZYNSc2/pSfyyM8CKO54Uq8VqVVb5tGmSXLWRbtBY
pM8zLEwTp1yoOFB3P5GCrZX63/USA8COaE32Ow==
-----END CERTIFICATE-----
For this example, I repeated the same certificate 3 times, but the a real result will bring 3 differente certificates
What I want is something like : certutil -restrict 'Disposition=20' -out 'Binary Certificate' -view -page 1 -pagesize 2
(This command does not exists) that will bring exactly same info, but just with 2 certificates and then use the same command with -page 2
that will bring the last one.
Is it possible?
Info:
- Windows Server 2016 (The ideal solution should work with older versions too)
- Powershell 5.1