[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

PowerShell Script

Posted on 2013-01-22
6
Medium Priority
?
573 Views
Last Modified: 2013-01-23
Hi,

Running the Get-ChildItem -Recurse Cert: in powershell gives me a list of installed certificates on the server.

My question is. How to I script this to get the certificates installed on several servers? I.e if I have a list of servers I want to query in a text file. Basically, how do I run this command on a list of servers?
0
Comment
Question by:MattyS82
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 29

Expert Comment

by:becraig
ID: 38808157
gc serverlist.txt  | foreach-object {invoke-command -computername $_ -scriptblock {gci cert:\LocalMachine\My }}
0
 
LVL 40

Assisted Solution

by:Subsun
Subsun earned 1000 total points
ID: 38808858
Try..
$servers = Get-Content c:\server.txt
[array]$certstore = $null
Foreach ($Server in $servers){
$store=new-object System.Security.Cryptography.X509Certificates.X509Store("\\$server\my","LocalMachine")
$store.open("ReadOnly")
Foreach ($certfind in $store.certificates){
If ($certfind -ne $null)
{$certstore += New-Object Psobject -Property @{`
	"Server"=$Server
	"Subject"=$certfind.Subject
	"Issuer"=$certfind.Issuer
	"Thumbprint"=$certfind.Thumbprint
	"FriendlyName"=$certfind.FriendlyName
	"NotBefore"=$certfind.NotBefore
	"NotAfter"=$certfind.NotAfter}}
else {Write-Host "$server Does not contain any certs matching $Search" -B Yellow -F Red}
 }
}
$certstore | select Server,Subject,FriendlyName,NotAfter,NotBefore,Issuer,Thumbprint | Export-Csv c:\report.csv -NoTypeInformation

Open in new window

0
 
LVL 71

Expert Comment

by:Qlemo
ID: 38808896
Subsun,

There is an unresolved reference to $Search in the Write-Host message ;-). But the script works nevertheless.
0
Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

 
LVL 40

Expert Comment

by:Subsun
ID: 38809262
Ha.. I forgot to remove it. Thanks for checking...I just modified the script which I had done for another question #a38476902.. :-)

@MattyS82, You can modify line 16 to..
else {Write-Host "$server Does not contain any certs" -B Yellow -F Red}
0
 
LVL 29

Accepted Solution

by:
becraig earned 1000 total points
ID: 38809509
@subsun though I like the fact you utilized the system security cryptography object which I think can be useful in other instances where something like the posh Cert provider does not exist (e.g. reading and importing / exporting pfx files etc).

I stayed with the request of the author of the question:
Running the Get-ChildItem -Recurse Cert: in powershell gives me a list of installed certificates on the server.
My question is. How to I script this to get the certificates installed on several servers?

In the spirit of your script I am adding a more detailed script utilizing the cert provider while offering more functionality.


Param ([string]$serverlist)
$servers = (gc $serverlist)
foreach ($server in $servers) 
	{
invoke-command -computername $server -scriptblock {
$server = hostname
$certs = (gci cert:\LocalMachine\My)
if ($certs -eq $null)
{write-host "`n There are no certificates present on $server" -fore yellow}
else{
write-host `n $server
foreach ($cert in $certs )
	{
	$serial = $cert.Serialnumber
	$subject = $cert.Subject
	$expiry = $cert.notafter
	write-host "Certificate:$subject `t serialnumber:$serial `t Expiry:$expiry"
   	}						  }
	}    
}

Open in new window



@MattyS82  The above solutions though both doing exactly what you need and maybe more have one subtle difference, if your servers do not have winrm Subsun's solution will be perfect for you.
0
 
LVL 1

Author Closing Comment

by:MattyS82
ID: 38811917
Thank you for your efforts. This is greatly appreciated and it was way beyond my knowledge of powershell.
0

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Nano Server Image Builder helps you create a custom Nano Server image and bootable USB media with the aid of a graphical interface. Based on the inputs you provide, it generates images for deployment and creates reusable PowerShell scripts that …
A recent project that involved parsing Tableau Desktop and Server log files to extract reusable user queries for use in other systems. I chose to use PowerShell to gather the data, and SharePoint to present it...
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question