Microsoft certificate management via the PKI Client PowerShell module. https://technet.microsoft.com/en-us/itpro/powershell/windows/pkiclient/pkiclient
The PKI Client PowerShell module is only available on Windows 8+ and Windows Server 2012+. https://technet.microsoft.com/en-us/library/hh848636(v=wps.620).aspx
platform: | Windows |
---|---|
depends: |
|
New in version 2016.11.0.
salt.modules.win_pki.
export_cert
(name, thumbprint, cert_format='cer', context='LocalMachine', store='My', password='')¶Export the certificate to a file from the given certificate store.
Parameters: |
|
---|---|
Returns: | A boolean representing whether all changes succeeded. |
Return type: |
CLI Example:
salt '*' win_pki.export_cert name='C:\certs\example.cer' thumbprint='AAA000'
salt.modules.win_pki.
get_cert_file
(name, cert_format='cer', password='')¶Get the details of the certificate file.
Parameters: |
|
---|---|
Returns: | A dictionary of the certificate thumbprints and properties. |
Return type: |
CLI Example:
salt '*' win_pki.get_cert_file name='C:\certs\example.cer'
salt.modules.win_pki.
get_certs
(context='LocalMachine', store='My')¶Get the available certificates in the given store.
Parameters: | |
---|---|
Returns: | A dictionary of the certificate thumbprints and properties. |
Return type: |
CLI Example:
salt '*' win_pki.get_certs
salt.modules.win_pki.
get_stores
()¶Get the certificate location contexts and their corresponding stores.
Returns: | A dictionary of the certificate location contexts and stores. |
---|---|
Return type: | dict |
CLI Example:
salt '*' win_pki.get_stores
salt.modules.win_pki.
import_cert
(name, cert_format='cer', context='LocalMachine', store='My', exportable=True, password='', saltenv='base')¶Import the certificate file into the given certificate store.
Parameters: |
|
---|---|
Returns: | A boolean representing whether all changes succeeded. |
Return type: |
CLI Example:
salt '*' win_pki.import_cert name='salt://cert.cer'
salt.modules.win_pki.
remove_cert
(thumbprint, context='LocalMachine', store='My')¶Remove the certificate from the given certificate store.
Parameters: | |
---|---|
Returns: | A boolean representing whether all changes succeeded. |
Return type: |
CLI Example:
salt '*' win_pki.remove_cert thumbprint='AAA000'
salt.modules.win_pki.
test_cert
(thumbprint, context='LocalMachine', store='My', untrusted_root=False, dns_name='', eku='')¶Check the certificate for validity.
Parameters: |
|
---|---|
Returns: | A boolean representing whether the certificate was considered valid. |
Return type: |
CLI Example:
salt '*' win_pki.test_cert thumbprint='AAA000' dns_name='example.test'