All right, we know that we can access a remote computer's various X509Certificate stores via .NET, and 'My' corresponds to "Local Computer\Personal\Certificates". What are the other names?

That gives us the details, but on some of my lab boxes, some of it didn't work. Specifically, I couldn't pull the Intermediate Certification Authorities list.

Per the above, that's the 'CertificateAuthority' X509Certificate store. In fact, we can enumerate the StoreName enum as follows


So, it says 'CertificateAuthority' all right. And it doesn't work with my box, all right. So, what to do?

Get-ChildItem cert:\LocalMachine | % { $_.Name }

That works for the local box. How about for my remote box? PSRemoting to the rescue.

Invoke-Command -ComputerName $ComputerName -ScriptBlock { Get-ChildItem cert:\LocalMachine | % { $_.Name } }