Sign up to save your podcasts
Or
Share PowerShell Tools for PKI and Secure Boot with Richard Hicks
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
PowerShell Tools for PKI and Secure Boot with Richard Hicks
Long-time Microsoft MVP and consultant Richard Hicks joins The PowerShell Podcast to talk about ADCS security, PKI misconfigurations, and why PowerShell is a consultant’s ultimate force multiplier. Richard shares real-world stories from auditing enterprise certificate environments, explains how simple template mistakes can lead to full domain compromise, and walks through tools like Locksmith that help administrators quickly identify dangerous configurations.
The conversation also explores Richard’s open-source PowerShell work, including his widely downloaded Get-UEFICertificate script for Secure Boot certificate expiration issues and his new ADPrincipalCertificate module for cleaning up unnecessary certificates published in Active Directory. Along the way, Richard reflects on career growth, publishing, consulting, and why sharing knowledge openly has been one of the biggest drivers of his long-term success.
Key Takeaways:
• ADCS is easy to deploy but difficult to secure — Misconfigured certificate templates, especially ESC1 scenarios, can allow instant privilege escalation and domain compromise.
• PowerShell turns repetitive work into reusable tools — From UEFI certificate auditing to Active Directory cleanup, scripting creates consistency and prevents human error.
• Sharing expertise compounds over time — Blogging, publishing modules, and speaking at conferences builds credibility, community, and long-term career momentum.
Guest Bio:
Richard Hicks is the founder and principal consultant of Richard M. Hicks Consulting, Inc. A Microsoft MVP with over 30 years of experience, he specializes in secure remote access and PKI, helping organizations deliver secure, high-performing access for today’s mobile workforce.
Resource Links:
View all episodes
By PDQ.com
4.9
3131 ratings
Long-time Microsoft MVP and consultant Richard Hicks joins The PowerShell Podcast to talk about ADCS security, PKI misconfigurations, and why PowerShell is a consultant’s ultimate force multiplier. Richard shares real-world stories from auditing enterprise certificate environments, explains how simple template mistakes can lead to full domain compromise, and walks through tools like Locksmith that help administrators quickly identify dangerous configurations.
The conversation also explores Richard’s open-source PowerShell work, including his widely downloaded Get-UEFICertificate script for Secure Boot certificate expiration issues and his new ADPrincipalCertificate module for cleaning up unnecessary certificates published in Active Directory. Along the way, Richard reflects on career growth, publishing, consulting, and why sharing knowledge openly has been one of the biggest drivers of his long-term success.
Key Takeaways:
• ADCS is easy to deploy but difficult to secure — Misconfigured certificate templates, especially ESC1 scenarios, can allow instant privilege escalation and domain compromise.
• PowerShell turns repetitive work into reusable tools — From UEFI certificate auditing to Active Directory cleanup, scripting creates consistency and prevents human error.
• Sharing expertise compounds over time — Blogging, publishing modules, and speaking at conferences builds credibility, community, and long-term career momentum.
Guest Bio:
Richard Hicks is the founder and principal consultant of Richard M. Hicks Consulting, Inc. A Microsoft MVP with over 30 years of experience, he specializes in secure remote access and PKI, helping organizations deliver secure, high-performing access for today’s mobile workforce.
Resource Links:
More shows like The PowerShell Podcast
View all
Hanselminutes with Scott Hanselman
382 Listeners
The Changelog: Software Development, Open Source
288 Listeners
Security Now (Audio)
2,011 Listeners
Windows Weekly (Audio)
888 Listeners
Software Engineering Daily
626 Listeners
Risky Business
371 Listeners
RunAs Radio
83 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
651 Listeners
CyberWire Daily
1,028 Listeners
Click Here
418 Listeners
Darknet Diaries
8,077 Listeners
CoRecursive: Coding Stories
189 Listeners
Tech Brew Ride Home
964 Listeners
The Real Python Podcast
140 Listeners
Hacker And The Fed
168 Listeners