Sign up to save your podcasts
Or
Share PowerShell Tools for PKI and Secure Boot with Richard Hicks
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
PowerShell Tools for PKI and Secure Boot with Richard Hicks
Long-time Microsoft MVP and consultant Richard Hicks joins The PowerShell Podcast to talk about ADCS security, PKI misconfigurations, and why PowerShell is a consultant’s ultimate force multiplier. Richard shares real-world stories from auditing enterprise certificate environments, explains how simple template mistakes can lead to full domain compromise, and walks through tools like Locksmith that help administrators quickly identify dangerous configurations.
The conversation also explores Richard’s open-source PowerShell work, including his widely downloaded Get-UEFICertificate script for Secure Boot certificate expiration issues and his new ADPrincipalCertificate module for cleaning up unnecessary certificates published in Active Directory. Along the way, Richard reflects on career growth, publishing, consulting, and why sharing knowledge openly has been one of the biggest drivers of his long-term success.
Key Takeaways:
• ADCS is easy to deploy but difficult to secure — Misconfigured certificate templates, especially ESC1 scenarios, can allow instant privilege escalation and domain compromise.
• PowerShell turns repetitive work into reusable tools — From UEFI certificate auditing to Active Directory cleanup, scripting creates consistency and prevents human error.
• Sharing expertise compounds over time — Blogging, publishing modules, and speaking at conferences builds credibility, community, and long-term career momentum.
Guest Bio:
Richard Hicks is the founder and principal consultant of Richard M. Hicks Consulting, Inc. A Microsoft MVP with over 30 years of experience, he specializes in secure remote access and PKI, helping organizations deliver secure, high-performing access for today’s mobile workforce.
Resource Links:
View all episodes
By PDQ.com
4.9
3131 ratings
Long-time Microsoft MVP and consultant Richard Hicks joins The PowerShell Podcast to talk about ADCS security, PKI misconfigurations, and why PowerShell is a consultant’s ultimate force multiplier. Richard shares real-world stories from auditing enterprise certificate environments, explains how simple template mistakes can lead to full domain compromise, and walks through tools like Locksmith that help administrators quickly identify dangerous configurations.
The conversation also explores Richard’s open-source PowerShell work, including his widely downloaded Get-UEFICertificate script for Secure Boot certificate expiration issues and his new ADPrincipalCertificate module for cleaning up unnecessary certificates published in Active Directory. Along the way, Richard reflects on career growth, publishing, consulting, and why sharing knowledge openly has been one of the biggest drivers of his long-term success.
Key Takeaways:
• ADCS is easy to deploy but difficult to secure — Misconfigured certificate templates, especially ESC1 scenarios, can allow instant privilege escalation and domain compromise.
• PowerShell turns repetitive work into reusable tools — From UEFI certificate auditing to Active Directory cleanup, scripting creates consistency and prevents human error.
• Sharing expertise compounds over time — Blogging, publishing modules, and speaking at conferences builds credibility, community, and long-term career momentum.
Guest Bio:
Richard Hicks is the founder and principal consultant of Richard M. Hicks Consulting, Inc. A Microsoft MVP with over 30 years of experience, he specializes in secure remote access and PKI, helping organizations deliver secure, high-performing access for today’s mobile workforce.
Resource Links:
More shows like The PowerShell Podcast
View all
Hanselminutes with Scott Hanselman
381 Listeners
The Changelog: Software Development, Open Source
288 Listeners
Security Now (Audio)
2,007 Listeners
Windows Weekly (Audio)
887 Listeners
Software Engineering Daily
624 Listeners
Risky Business
376 Listeners
RunAs Radio
83 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
649 Listeners
CyberWire Daily
1,026 Listeners
Click Here
420 Listeners
Darknet Diaries
8,051 Listeners
CoRecursive: Coding Stories
188 Listeners
Tech Brew Ride Home
962 Listeners
The Real Python Podcast
139 Listeners
Hacker And The Fed
167 Listeners