Powershell and System.Security.Cryptography.X509Certificates.X509Certificate2

i'm getting this error when i run the system.security namespace. This is what i am running after

$cert=New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("C:\mycert.cer")
New-Object: Cannot find type [System.Security.Cryptography.X509Certificates.X509Certificate2("C:\mycert.cer")]: make sure the assembly containing this type is loaded.
At line:1 char:19 + $cert = New-Object <<<< + CategoryInfo : InvalidType: (:) [New-Object], PSArgumentException + FullyQualifiedErrorId : TypeNotFound,Microsoft.PowerShell.Commands.NewObjectCommand**

What am i doing wrong?

4 Answers

Try running this to see if you have the System.dll loaded (should be by default):

[AppDomain]::CurrentDomain.GetAssemblies() | Where {$_.Location -match '\\System\\'}

If it is loaded then this command should show the X509Certificate2 type:

[AppDomain]::CurrentDomain.GetAssemblies() |
Where {$_.Location -match '\\System\\'} |
%{$_.GetExportedTypes()} | Where {$_.Name -match 'X509Cert'}

If the System.dll isn't loaded (which would be odd) try loading it:

Add-Type -AssemblyName System

See:

FYI ... I got error:

Unable to find type [System.Security.Cryptography.x509Certificates.X509Certificate2UI]

when using:

$certSelect = [System.Security.Cryptography.x509Certificates.X509Certificate2UI]::SelectFromCollection($certCollection, $title, $msg, 0)

However, I had no error creating the collection earlier on in my script:

$certCollection = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2Collection

To make the error go away I had to include the following at some point earlier on:

Add-Type -AssemblyName System.Security

I've solved my problem. It's easily:

cd\
$cert=New-Object System.Security.Cryptography.X509Certificates.X509Certificate2("C:\mycert.cer")

cd\ is necessary

I ran into this in the ISE (but seems to apply to the normal command window too) and it seems that using autocomplete will automatically Add-Type for whatever you're looking for. If you start a new instance and run:

[AppDomain]::CurrentDomain.GetAssemblies() | grep Security

it will not return System.Security, but if you then type this and let intellisense do its thing:

[System.

You can then run this again:

[AppDomain]::CurrentDomain.GetAssemblies() | grep Security

And it will then return System.Security. So this is why you can write a script that works fine, and then revisit it later and it's broken. Using intellisense doesn't fix your script though, instead you have to add this line:

Add-Type System.Security

Or whatever library is not getting auto-added (it seems to need the dll filename, e.g. C:\Program Files (x86)\Reference Assemblies\Microsoft\Framework\.NETFramework\v4.6.1\System.Security.dll).

I'm pretty sure IseSteroids (a paid ISE add-in) can detect this, maybe others as well.