• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 581
  • Last Modified:

PowerShell Script

Hi,

Running the Get-ChildItem -Recurse Cert: in powershell gives me a list of installed certificates on the server.

My question is. How to I script this to get the certificates installed on several servers? I.e if I have a list of servers I want to query in a text file. Basically, how do I run this command on a list of servers?
0
MattyS82
Asked:
MattyS82
2 Solutions
 
becraigCommented:
gc serverlist.txt  | foreach-object {invoke-command -computername $_ -scriptblock {gci cert:\LocalMachine\My }}
0
 
SubsunCommented:
Try..
$servers = Get-Content c:\server.txt
[array]$certstore = $null
Foreach ($Server in $servers){
$store=new-object System.Security.Cryptography.X509Certificates.X509Store("\\$server\my","LocalMachine")
$store.open("ReadOnly")
Foreach ($certfind in $store.certificates){
If ($certfind -ne $null)
{$certstore += New-Object Psobject -Property @{`
	"Server"=$Server
	"Subject"=$certfind.Subject
	"Issuer"=$certfind.Issuer
	"Thumbprint"=$certfind.Thumbprint
	"FriendlyName"=$certfind.FriendlyName
	"NotBefore"=$certfind.NotBefore
	"NotAfter"=$certfind.NotAfter}}
else {Write-Host "$server Does not contain any certs matching $Search" -B Yellow -F Red}
 }
}
$certstore | select Server,Subject,FriendlyName,NotAfter,NotBefore,Issuer,Thumbprint | Export-Csv c:\report.csv -NoTypeInformation

Open in new window

0
 
QlemoC++ DeveloperCommented:
Subsun,

There is an unresolved reference to $Search in the Write-Host message ;-). But the script works nevertheless.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
SubsunCommented:
Ha.. I forgot to remove it. Thanks for checking...I just modified the script which I had done for another question #a38476902.. :-)

@MattyS82, You can modify line 16 to..
else {Write-Host "$server Does not contain any certs" -B Yellow -F Red}
0
 
becraigCommented:
@subsun though I like the fact you utilized the system security cryptography object which I think can be useful in other instances where something like the posh Cert provider does not exist (e.g. reading and importing / exporting pfx files etc).

I stayed with the request of the author of the question:
Running the Get-ChildItem -Recurse Cert: in powershell gives me a list of installed certificates on the server.
My question is. How to I script this to get the certificates installed on several servers?

In the spirit of your script I am adding a more detailed script utilizing the cert provider while offering more functionality.


Param ([string]$serverlist)
$servers = (gc $serverlist)
foreach ($server in $servers) 
	{
invoke-command -computername $server -scriptblock {
$server = hostname
$certs = (gci cert:\LocalMachine\My)
if ($certs -eq $null)
{write-host "`n There are no certificates present on $server" -fore yellow}
else{
write-host `n $server
foreach ($cert in $certs )
	{
	$serial = $cert.Serialnumber
	$subject = $cert.Subject
	$expiry = $cert.notafter
	write-host "Certificate:$subject `t serialnumber:$serial `t Expiry:$expiry"
   	}						  }
	}    
}

Open in new window



@MattyS82  The above solutions though both doing exactly what you need and maybe more have one subtle difference, if your servers do not have winrm Subsun's solution will be perfect for you.
0
 
MattyS82Author Commented:
Thank you for your efforts. This is greatly appreciated and it was way beyond my knowledge of powershell.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Tackle projects and never again get stuck behind a technical roadblock.
Join Now