PKISolutions / PSPKI

PowerShell PKI Module
Microsoft Public License

Can't get SAN the same way anymore #197

Closed darkrhyes closed 11 months ago

darkrhyes commented 1 year ago

From comment/question #27 you had details on how to get the SAN from a certificate. With PowerShell 7 and the new .NET it doesn't work anymore. It seems x509subjectalternativenamesextension is gone and X509SubjectAlternativeNameExtension remains.

Here is what you had:

```powershell
$row = Get-CA ca01.company.com | Get-DatabaseRow -Table Extension -RowID <rowid> -Filter "ExtensionName -eq 2.5.29.17"
$rawBytes = [convert]::frombase64string($row.ExtensionRawValue)
$asn = new-object security.cryptography.asnencodeddata @(,$rawBytes)
$san = new-object security.cryptography.x509certificates.x509subjectalternativenamesextension $asn,0
```

Now it only throws errors on the multiple previously working scripts I had. The closest I get to it still throws this error: Cannot find an overload for "X509SubjectAlternativeNameExtension" and the argument count: "2".

I constructed it similar to that original one but the SAN line looks like this and is in a Try-Catch:

```powershell
$san = New-Object Security.Cryptography.X509Certificates.X509SubjectAlternativeNameExtension $asn,$false
```

Any idea how I can get this working again? I feel like it is interpreting some data wrong now but I can't get it to read it correctly.

Crypt32 commented 1 year ago

> It seems x509subjectalternativenamesextension is gone

It isn't gone; it remains, just moved. The latest release moves a lot of resources out of the Microsoft namespaces (`System.Security.Cryptography.*`) and into my own. You can see a list of moved types at the end of the release notes: https://www.pkisolutions.com/tools/pspki/release-notes-for-pspki-v400/. The `X509SubjectAlternativeNameExtension` (singular) is the Microsoft implementation, which was added in .NET 7 and yet doesn't allow you to get everything from the SAN extension, compared to my implementation.

So now, if you want to use my implementation of `X509SubjectAlternativeNamesExtension`, you must use the new namespace:

```powershell
$san = new-object SysadminsLV.PKI.Cryptography.X509Certificates.X509SubjectAlternativeNamesExtension $asn,0
```

Crypt32 commented 1 year ago

@darkrhyes was your issue solved with my previous comment?

darkrhyes commented 11 months ago

`SysadminsLV.PKI.Cryptography.X509Certificates.X509SubjectAlternativeNamesExtension`

Yes
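
The namespace move described in Crypt32's answer above, as an added example that is not part of the original thread or the PSPKI project: a script that has to run against both older and newer PSPKI releases can probe for the type under either namespace before decoding the raw SAN value. The function name `ConvertFrom-SanExtensionValue` and the sample base64 value are assumptions made for illustration; the fallback uses the built-in .NET 7+ type, which takes a `byte[]` rather than `AsnEncodedData`.

```powershell
# Added example; the function name is hypothetical, not part of PSPKI.
function ConvertFrom-SanExtensionValue {
    param(
        # Base64 text, as returned in the thread's $row.ExtensionRawValue
        [Parameter(Mandatory)][string]$ExtensionRawValue,
        [bool]$Critical = $false
    )
    $rawBytes = [Convert]::FromBase64String($ExtensionRawValue)

    # PSPKI type: v4 namespace first (from the thread), then the pre-v4 one.
    $pspkiNames = @(
        'SysadminsLV.PKI.Cryptography.X509Certificates.X509SubjectAlternativeNamesExtension',
        'System.Security.Cryptography.X509Certificates.X509SubjectAlternativeNamesExtension'
    )
    foreach ($name in $pspkiNames) {
        # -as [type] yields $null instead of throwing when the type is not loaded
        if ($name -as [type]) {
            $asn = New-Object System.Security.Cryptography.AsnEncodedData @(,$rawBytes)
            # Same (AsnEncodedData, bool) constructor call as in the thread
            return New-Object -TypeName $name -ArgumentList $asn, $Critical
        }
    }

    # Fallback: the built-in .NET 7+ type (singular name). Its constructor takes
    # the raw byte[] rather than AsnEncodedData, and it only enumerates DNS names
    # and IP addresses.
    $builtIn = 'System.Security.Cryptography.X509Certificates.X509SubjectAlternativeNameExtension' -as [type]
    if (-not $builtIn) {
        throw 'No SAN extension type available: import PSPKI or run on .NET 7 or later.'
    }
    $ext = $builtIn::new($rawBytes, $Critical)
    [pscustomobject]@{
        DnsNames    = @($ext.EnumerateDnsNames())
        IPAddresses = @($ext.EnumerateIPAddresses())
    }
}

# Constructed sample: DER for a SAN holding one dNSName, example.com
ConvertFrom-SanExtensionValue -ExtensionRawValue 'MA2CC2V4YW1wbGUuY29t'
```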