Posts on this page:

PowerShell PKI Module v3.2.6 is out!

Hello S-1-1-0!

After three months since PSPKI module v3.2.5 was released I received a number of unfortunate bugs (which weren’t tested very well from my side) and other issues. So I decided to address them while I have some spare time. In addition, I made an attempt to provide new functionality I really missed in the module.

This release is intended to make the module more stable and less buggy. In some aspects it become faster.

Bug Fixes

I have fixed a number of private bugs (found by myself) and publically reported bugs:

For detailed change logs and privately reported issues see:


Read more →

PowerShell PKI Module v3.2.5 is released!

I’m glad to announce another version of PowerShell PKI module release.

What’s new?

This release includes major internal code changes with new functionality.

  • Code reorganization

At first, I completely separated Abstract Syntax Notation (ASN.1) code from main library to a dedicated DLL: SysadminsLV.Asn1Parser.dll. As I mentioned in one of previous posts, PKI.Core.dll and ASN parser are opensourced on GitHub: pkix.net and Asn1DerParser.NET.


Read more →

Open Source Day

It was a long-waited decision, however, finally I did it. Today I released my two major .NET projects to GitHub:

  • ASN.1 Parser

This is my own ASN.1 binary parser. ASN.1 parser/reader is a mandatory component when you are dealing with cryptography and cryptographic messages, because all they use ASN.1. I’m using this library in ASN.1 Editor and PowerShell PKI module’s API library (it is now opensourced as well).


Read more →

Manage pending certificate requests in ADCS with PowerShell

I think, I have to publish several articles that would cover common PKI/ADCS administration tasks with PowerShell by using my PowerShell PKI module (of course!). Today I'll cover very simple, but very common task: managing pending certificate requests.

In this post we would propose the following scenario:

  • IIS admin requested certificate for internal SharePoint portal
  • Certificate template is configured to require CA manager approval to issue the certificate.
  • No certificate will be issued until CA manager review and approve the request.

Just to make it clear, CA manager approval is configured in the certificate template, as follows:

you, as CA manager, received notification about incoming certificate request. Your task is to review the certificate request to ensure that it is properly constructed and conforms internal security policies and then make decision: approve or deny certificate request. You can do this by using Certification Authority MMC snap-in, but this would require a lot of clicks and without having a chance to automate this. Another solution that includes PowerShell offers you great automation capabilites.


Read more →

PowerShell PKI module, v3.1

Yesterday I released another version of PowerShell PKI module v3.1.

Though, this release is not that big like v3.0. Only 1 (one!) new command is added (Get-EnterprisePKIHealthStatus) and various bug fixes (as usually). On the other hand it includes very important things which are hidden behind the scene.

The project is growing and I have to battle hard with poor design decisions I made previously. Of course, I could break everything and make it as per all guidelines. However, it is too late, 3000 downloads for the past 7 months is not a joke and I can’t simply break it.

Next sections will cover some development details, so you can scroll down to the end of post to get the right link :)


Read more →