tags:

views:

201

answers:

1
+1  Q: 

Agent-less method to enumerate certificates on a remote machine

So, I'm trying to develop an agent-less environment management tool. The tool would essentially checklist a group of servers for specific settings that you could specify and it will either simply just report back the results, or make modifications (if allowed to).

I've been able to figure out how to do much of this remotely, but have yet to figure out a way to see which certificates are installed an active on a machine remotely. I'm just looking for basic certificate information like name, thumbprint, expiration date, and cert-chain validity.

Anyone know of way to do this using C# or some other method, like WMI? My attempts to find related information on the internet have been abysmal.

+1  A: 

Well, one way to do this is with a very lightweight "pseudo" agent. You can connect to the admin$ share or some other share of the machine and run a process remotely. Of course, you have to authenticate, just like with WMI and all of that. This is how things like Dameware or corporate antivirus tools, etc, install applications to remote machines without using Active Directory and so forth. You can use something like psexec or roll your own remote execution method. The execuable you would run would just be something lightweight that gathers the information, assuming you already know how to get this information locally, and then report back to your server. You could achieve that easily by having it accept arguments about where your server or whatever method you prefer.

BobbyShaftoe  2009-01-31 03:05:12
Thats what I was afraid of, but doing the thin client is probably the only real way without installing an agent onto the box. Thanks for the input!
invenetix  2009-02-25 06:49:01
My solution was setting PowerShell policy to remote-signed for the domain and then pushing the script out to all the machines. The script writes directly into a MSMQ of the centralized auditing server. Then had the auditing service check the queue for input and process it as needed.Over 16 months since I asked, but thought I'd add the comment if others run across the issue. Remote enumeration of certificates using .NET is not possible unless the application is ran locally on the targeted server.
invenetix  2010-05-02 04:14:17

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?