I am struggling with coming up with the correct detection method for one of my applications. I have an application that calls a PowerShell script that will renew a machine certificate in the Personal store which contains a new Key Usage setting. I am looking for something that queries the certificate's key usage and if it is set to Key Encipherment, then do nothing. I only want it to run if it isn't set to Key Encipherment. I figured I could use a VB or a PS script.
Scripting is not my strong suit, unfortunately. I am still learning it. I think I can use the code below to query it, but I don't know how to write it to an if statement or something that will say, "if it is set to Key Encipherment, do nothing."
((Get-ChildItem -Path Cert:\LocalMachine\My\ | select -First 1).Extensions | Where-Object { $_.Oid.FriendlyName -eq "Key Usage" }).format($true)
Any help would be greatly appreciated.
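One way to express the check asked about above, as an added example that is not part of the original post. It assumes the deployment tool follows the Configuration Manager script-detection convention (exit code 0 with any text on standard output means "detected", exit code 0 with no output means "not detected") and that the machine certificate can be identified by the computer name in its subject; `Test-KeyEncipherment` and `$SubjectFilter` are hypothetical names.

```powershell
param(
    # Assumption: the machine certificate carries the computer name in its subject.
    [string]$SubjectFilter = "*CN=$env:COMPUTERNAME*"
)

function Test-KeyEncipherment {
    param(
        [Parameter(Mandatory = $true)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate
    )
    # The Key Usage extension (OID 2.5.29.15) is surfaced as X509KeyUsageExtension.
    # Its KeyUsages property is a flags enum, so the text from Format() need not be parsed.
    $ext = $Certificate.Extensions |
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509KeyUsageExtension] } |
        Select-Object -First 1
    if (-not $ext) { return $false }    # certificate has no Key Usage extension

    $flag = [System.Security.Cryptography.X509Certificates.X509KeyUsageFlags]::KeyEncipherment
    # True when Key Encipherment is among the usages (other usages may also be set).
    return (([int]$ext.KeyUsages -band [int]$flag) -ne 0)
}

# Look only at unexpired certificates that match the filter, not just the
# first certificate in the store, whose position is not guaranteed.
$candidates = Get-ChildItem -Path Cert:\LocalMachine\My |
    Where-Object { $_.Subject -like $SubjectFilter -and $_.NotAfter -gt (Get-Date) }

$compliant = $candidates |
    Where-Object { Test-KeyEncipherment -Certificate $_ } |
    Select-Object -First 1

if ($compliant) {
    # Output on STDOUT marks the application as detected, so the renewal script is skipped.
    Write-Output "Key Encipherment present on certificate $($compliant.Thumbprint)"
}
# No output marks the application as not detected, so the renewal script runs.
exit 0
```

If the renewed certificate must carry Key Encipherment as its only usage, compare `$ext.KeyUsages` to `$flag` with `-eq` instead of testing the bit.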