(imported topic written by richard.phung)
I am looking for some relevance for an analysis that pulls the Trusted Root Certification Authorities information.
Namely, I want to filter the Issued By (our organization) and display the Expiration Date.
(imported comment written by jgstew)
This isn’t an answer, but this is something that I have been looking to do as well, but I haven’t figured it out yet.
There is certificate information in the registry, but it is hard to figure out how to decode it.
There is also the certutil command line that could be run with a scheduled task and the results could be compiled using an analysis. “runascurrentuser certutil -store -user > %username%_certs.txt”
Here are some related posts and sites from my research:
Any progress here?..