Grep for Windows PowerShell

I recently needed to search a file in Windows for matching lines of text and did some looking around for a built-in tool to accomplish the task. I had some unique requirements that led me to a useful solution with the PowerShell Select-String command (simple grep-like tool). Here are some of the requirements I was looking for:

  • Built-in to Windows, no software to install
  • Capable of searching UCS-2 (UTF-16) multi-byte character unicode text files.
  • Search for alternative patterns (vertical bar “|” operator “OR”). Find lines that match one of a set of multiple patterns (alternation).

The specific case was for reviewing output from the Java SE (JRE/JDK) “keytool -list -v” command – verifying the contents of Java Key Stores (JKS). Here’s a sample to demonstrate

$pattern = "Keystore |Owner: |Alias name: |Entry type: |Issuer: |chain length: |Certificate\[|\*\*\*"
select-string $pattern KEYTOOL_LIST.txt | select line
# sample output for a GoDaddy certificate with trust chain used by Apache Tomcat keystore
Line
----
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 3 entries
Alias name: gdroot-g2
Entry type: trustedCertEntry
Owner: CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
Issuer: CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
*******************************************
*******************************************
Alias name: TOMCAT-SRV
Entry type: PrivateKeyEntry
Certificate chain length: 3
Certificate[1]:
Owner: CN=TOMCAT-SRV.YOUR-DOMAIN.com, OU=Domain Control Validated
Issuer: CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc....
Certificate[2]:
Owner: CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc."...
Issuer: CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
Certificate[3]:
Owner: CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
Issuer: CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
*******************************************
*******************************************
Alias name: gdig2
Entry type: trustedCertEntry
Owner: CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc."...
Issuer: CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, ST=Arizona, C=US
*******************************************
*******************************************

In this case, we were able to summarize the long complex keytool output to show only critical lines of interest – now we have validated that the server certificate/key-pair has the associated trust chain attached to the appropriate server cert-key entry. Tomcat requires this in order to pass the trust chain information to the client – iOS browsers are notorious for generating certificate errors when the web server fails to send the intermediate CA trust chain as part of establishing an SSL/TLS secure connection.

You may also be interested in my earlier post from October 2015 PowerShell for OpenSSL CA Issued Cert Status. In that post, Select-String was used as part of a simple script to view a list of private CA-issued certificates.

Advertisements

About notesbytom

Keeping technology notes on WordPress.com to free up my mind to solve new problems rather than figuring out the same ones repeatedly :-).
This entry was posted in System Administration and tagged , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s