The following PowerShell will test functionality of an HTTPS-enabled Management Point by using a locally installed client authentication certificate and testing the MPCert and MPList URLs:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
| [CmdletBinding()]
Param(
[Parameter(Mandatory = $true)]
[string]$ManagementPointFqdn,
[Parameter(Mandatory = $true)]
[string]$CAName
)
$Certificate = Get-ChildItem -Path Cert:\LocalMachine\My\ | Where-Object -FilterScript {$_.EnhancedKeyUsageList -like 'Client Authentication (1.3.6.1.5.5.7.3.2)' -and $_.Issuer -like "*$CAName*"} | Select-Object -First 1
Write-Host "MPCert Results:"
Invoke-WebRequest -Uri "https://$ManagementPointFqdn/sms_mp/.sms_aut?mpcert" -Certificate $Certificate -UseBasicParsing | Select-Object -ExpandProperty Content
Write-Host "MPList Results:"
Invoke-WebRequest -Uri "https://$ManagementPointFqdn/sms_mp/.sms_aut?mplist" -Certificate $Certificate -UseBasicParsing | Select-Object -ExpandProperty Content
|
Sample output from my lab:
1
2
3
4
5
| PS C:\CORP> .\Test-HTTPSManagementPoint.ps1 -ManagementPointFqdn cmpsb01.corp.ajf.one -CAName "AJF.ONE CORP SIGNING CA"
MPCert Results:
<MPCertificate><Certificate>30820616308203FEA003020102021378000000723A1D42C83A28C278000000000072300D06092A864886F70D01010B0500306231133011060A0992268993F22C64011916036F6E6531133011060A0992268993F22C6401191603616A6631143012060A0992268993F22C6401191604636F72703120301E06035504031317414A462E4F4E4520434F5250205349474E494E47204341301E170D3232313032303136353133395A170D3234313031393136353133395A301F311D301B06035504031314434D50534230312E636F72702E616A662E6F6E6530820122300D06092A864886F70D01010105000382010F003082010A0282010100BF1EDD70ED259ADCB8147DD2BEB483C5C68B38CDB3E9DFAF22402BE9D49D554D083B64A36BFBBB51C7D59218C860951711DE948E3FCFB56E91D998A66878BF3F038C4D78A2D55C10C1813AB212DAB2C170A76B4830CCC607374346ECFBF176AD9CB2CA87C095545CC31B370B41CD827DB63D7DFCCA432E6B84D9A38B83BD9A178C8C57D2E965B6108C36D7524FEFF9111077B1D7AEBB65DD96752BD2F4C7DC1B7130BAF12FF266BA8B10372E288AF933404D2BB0B86BA9A659A54C3502E3B57BEFF58DA69A2EF60654235ECD713CCE0B4D44A588C1CBE0B829CCF7AEFA090E601912914F4919E52CCC795FD7A51F8CB8842E00B697E9C63377C944580035B7390203010001A382020630820202303D06092B06010401823715070430302E06262B060104018237150883C8945083A2FC2387B9992583ECC3318396AD594282E7BB6286EEAC4502016402010230130603551D25040C300A06082B06010505070301300E0603551D0F0101FF0404030205A0301B06092B060104018237150A040E300C300A06082B06010505070301301D0603551D0E0416041433035B65CAF05437A25323F1EB77549E2B7F114A301F0603551D23041830168014F83D3E0A1BE77F0B81CF6804154B08FC812CCCBD30550603551D1F044E304C304AA048A0468644687474703A2F2F706B692E636F72702E616A662E6F6E652F43657274456E726F6C6C2F414A462E4F4E45253230434F52502532305349474E494E4725323043412E63726C307606082B06010505070101046A3068306606082B06010505073002865A687474703A2F2F706B692E636F72702E616A662E6F6E652F43657274456E726F6C6C2F434F5250444330312E636F72702E616A662E6F6E655F414A462E4F4E45253230434F52502532305349474E494E4725323043412E637274301F0603551D11041830168214434D50534230312E636F72702E616A662E6F6E65304F06092B060104018237190204423040A03E060A2B060104018237190201A030042E532D312D352D32312D313734353239363139332D323232363739343739362D323339333132363335372D31323135300D06092A864886F70D01010B05000382020100ADA08750C34DF1CC77EE83A809D7ACBE75F2993E11652DA7651D172BA65B8C87F88D26F9FC779BAB2ED9715F74EAFD774FD0396A4836B03434AE7F9EBED4B82AAB18F14814C065823230AA884B8B90F37913D569E5FCFB924331DC892FEB27C4DBF6FFF81291BD5DA9FD34DE7645854B57336448361D1F6EFCC6F247F16028567F4A3FE0E355A3268385688692F103742C869B9E1D5F7D34382FB4D1DAD1031670D896A4AE217854ED6C1A2ED7B4AB1A07DBDEFF08126117EFE875727C37AA22CAE0865E219A8524585F2BCF2E3B13609AD58BCB7C3E95DC45E7370D989FE83EC3515E1EC744D6B9E3B21E21FB30B932496A3F9D70C662949505B1740BC09B754CE7915B520435DFD7CF2655F0B89E97450E0B2C9C32B36CA10FC6153C5C0AF9276AA27BE17A146842D1DD86E5B965029F4816B8692704E8349993B88BE2CC3A6288E4D8F9A0055FC4EFEC98E252A9E555B477BE23328CD9F706C2468232376C4EF4FE0C2D49AEE6B93AA56E8DAFA2FB3576FD32AEA55DE320F21F2C8ED5A4361893718314AF8A9CAB5E7E86DF094075503C1625EA6BA2C11C374D36604D120645EBED97E44145D648B05E9852AB868C1A04211D76FB852E063ECDA78131C73E4024B8B39B9FF9D63E7DA31DA64D24BD60F26642D19E03DE9A99A4D68AB235ED73A34CC87CBB29AAABF24CBDAEBE5DCD9C975CC3976457B798EF68693090618B</Certificate></MPCertificate>
MPList Results:
<MPList><MP Name="CMPSB01.CORP.AJF.ONE" FQDN="CMPSB01.corp.ajf.one"><Version>9088</Version><Capabilities SchemaVersion="1.0"><Property Name="SSL" Version="1"/><Property Name="SSLState" Value="63"/></Capabilities></MP></MPList>
|
The above script is also available in my GitHub.