?
Solved

Can PowerShell read the Personal Store for certificate expiration dates?

Posted on 2009-07-07
3
Medium Priority
?
2,087 Views
Last Modified: 2012-05-07
I'm looking for a PowerShell script that can access the Personal store on a Windows Server and alert on Certs about to expire.

Specifically: When the cert is going to expire in 15 days, write an event to the Application log.

Thanks,
Tom
0
Comment
Question by:martit01
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 71

Expert Comment

by:Chris Dent
ID: 24801879

Hey,

That shouldn't be too tricky actually...

Can you see if this gives you the right certificates?

Get-ChildItem cert:\LocalMachine\My

If it does, all we need to do is filter on the "NotAfter" field and post the results to the event log, neither of which is particularly hard either.

Chris
0
 

Author Comment

by:martit01
ID: 24809457
I ran the cmdlet and got the below output....

Thumbprint                                                                          Subject
----------                                                                               -------
A3E3AE944D46CA0EBA599F148B23D40A33E183BF           CN=la-scomrms02.XXX.com

I don't see any expiration date. Was it suppose to show the expiration date?

Thanks,
Tom
0
 
LVL 5

Accepted Solution

by:
AbqBill earned 2000 total points
ID: 24830945
Hi Tom, the X509Certificate2 object has a GetExpirationDateString() method that returns a string representation of the certificate's expiration date. Bill.
$certs = get-childitem cert:\LocalMachine\CA
 
$certs | foreach-object {
  $output = new-object PSObject
  $output | add-member NoteProperty -name Subject -value $_.Subject
  $output | add-member NoteProperty -name ExpirationDate -value $_.GetExpirationDateString()
  $output
}

Open in new window

0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to prepare an HTML email signature template file containing dynamic placeholders for users' Azure AD data. Furthermore, it explains how to use this file to remotely set up a department-wide email signature policy in Office …
A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question