Update: you actually *can* update the property (even if it’s not there). Seems I was just too blind to notice it earlier. Thanks to Michel De Rooij for pointing this out.
In one of my earlier articles, I wrote about how to integrate Office Web Apps with Exchange Server 2013. As part of that process you had to configure the Office Web Apps farm with the name of the certificate that the farm would use.
The certificate attribute that you have to use is stored in the “Friendly Name”-property of the certificate. Although it’s pretty easy using the MMC (duh!), it’s always nice being able to do something through PowerShell.
According to an article I found, certutil.exe could be used to add a Friendly Name to a certificate. Although CertUtil.exe certainly proved its value in the past, I’m not particularly fond of it either.
Unsurprisingly, the solutions with PowerShell is pretty easy! Using the Set-Location cmdlet, you can change your active namespace to the certificate store:
From there, navigate to the location where the certificate you want to add (or change) the property for. For instance:
Using Get-ChildItem we can retrieve a list of all the certificates in the store:
PS Cert:\CurrentUser\my> Get-ChildItem Directory: Microsoft.PowerShell.Security\Certificate::CurrentUser\my Thumbprint Subject ---------- ------- FEA21BCDB0FBFC2B00EBE4DA8A524D0C0999FBDC Efirstname.lastname@example.org, CNemail@example.com, Description=fgt8C... 100953EB6F74F5B60937BB0C7329037D9AE9927A CN=xowas.xylos.com, O=DO_NOT_TRUST, OU=Created by http://www.fiddler2.com 070D4C36B95D9550488F4A2DDCEAF76F5B6C7AAA CN=outlook.linkedinlabs.com, O=DO_NOT_TRUST, OU=Created by http://www.fidd... 0224B3E25491F1A7F71D8367B147F41F3C1250D5 CN=www.google.com, O=DO_NOT_TRUST, OU=Created by http://www.fiddler2.com
Once you’ve determined what certificate you want to update, we need to query the certificate and update the FriendlyName property as follows:$cert = GCI
$cert.FriendlyName = “FriendlyName”
PS Cert:\CurrentUser\my> $cert = gci 070D4C36B95D9550488F4A2DDCEAF76F5B6C7AAA PS Cert:\CurrentUser\my> $cert.FriendlyName = "FriendlyName"
That’s it! To verify that the property was set successfully, do the following:
gci | fl name,FriendlyName
PS Cert:\CurrentUser\my> gci 070D4C36B95D9550488F4A2DDCEAF76F5B6C7AAA | fl ThumbPrint,FriendlyName Thumbprint : 070D4C36B95D9550488F4A2DDCEAF76F5B6C7AAA FriendlyName : FriendlyName