您可以从本地证书驱动器获取它们：

Get-ChildItem Cert:\CurrentUser\CA # user certs

Get-ChildItem Cert:\LocalMachine\CA # machine certs

Get-ChildItem Cert:\LocalMachine\My

如果您安装了WinRM，这会很有趣，但以一种更标准的方式来查找所有证书，最好使用如下内容

$store = New-Object System.Security.Cryptography.X509Certificates.X509Store("\\$server_name\My","LocalMachine")

$store.Open("ReadOnly")             
$store.Certificates

以下PowerShell脚本将要求提供远程计算机的DNS名称，然后要求提供域管理员凭据，以便可以连接和查询。生成的$AllCerts var包含来自每个商店的所有证书。然后，它还将它们导出到$env：temp文件夹中的CSV文件，并在Windows资源管理器中打开该文件夹。

function Get-Cert( $computer=$env:computername ){
    $cred = Get-Credential -Message "Enter credentials for a Domain Admin"
    $ro=[System.Security.Cryptography.X509Certificates.OpenFlags]"ReadOnly"
    $lm=[System.Security.Cryptography.X509Certificates.StoreLocation]"LocalMachine"    
    $Stores = (Invoke-Command $computer {Get-ChildItem cert:\LocalMachine} -Credential $cred).Name
    $AllStores = @()
    foreach ($store in $Stores){
        $AllStores += new-object System.Security.Cryptography.X509Certificates.X509Store("\\$computer\$store",$lm)
    }
    $AllStores.Open($ro)
    $AllStores.Certificates
}
write-host "Enter remote computer to poll certificate information from" -ForegroundColor Cyan
$remoteComputer = read-host
$AllCerts = Get-Cert $remoteComputer
$AllCerts = $AllCerts | Select Subject,Issuer,Thumbprint,NotBefore,NotAfter
$AllCerts | Where-Object {$_.NotAfter -lt (Get-Date)} | format-list 
$AllCerts | export-csv -NoTypeInformation $env:temp\$($remoteComputer)_AllCerts.csv
start $env:temp

很棒的剧本，我对它的命名有问题，可以很容易地成为我，但改变了这一点，对输出非常满意，谢谢！出发地：

$AllCerts | export-csv -NoTypeInformation $env:temp\$($remoteComputer)_AllCerts.csv
start $env:temp
To:
$AllCerts | export-csv c:\temp\AllCerts.csv -NoTypeInformation