• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 882
  • Last Modified:

powershell script for SSL expiry


we have taken the script from this website


and modified it to return only those certificates expiring within the next 30 days.

Original script:
get-childitem cert: -recurse | where-object {$_.NotAfter -gt (get-date)} | select Subject,@{Name="Expires in (Days)";Expression={($_.NotAfter).subtract([DateTime]::Now).days}} | Sort "Expires in (Days)"

Modified script: - change in bold
get-childitem cert: -recurse | where-object {$_.NotAfter -lt (get-date).adddays(30) }| select Subject,@{Name="Expires in (Days)";Expression={($_.NotAfter).subtract([DateTime]::Now).days}} | Sort "Expires in (Days)"

this has the unfortunate consequence of displaying the SSL certificates that have already expired, which we are not interested in as they are system installed certificates.

What we are hoping is to modify the expression to return only the certificates expiring in the future.  We assume this would need to return results between todays date and 30 days in the future but we cannot work out how to do this.

does anyone have a suggestion on how to resolve this?

Kind regards

1 Solution
Replace the "where"-clause with this:

where-object {$_.NotAfter -gt (get-date) -and $_.NotAfter -lt (get-date).adddays(30)}

This should bring the desired result.
vodyanoiAuthor Commented:

Having tested this I can confirm this does exactly what we need.

I can see now how to include the and logical operator.  When we tried we placed the enclosing brackets in the wrong locations.

Many thanks for this

Any chance either of would know how to exclude self signed certs via this powershell command?

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now