Solved

How to check if the certificate is expiring

Posted on 2014-04-23
9
766 Views
Last Modified: 2014-04-30
Hello all,
Our environment has the ADFS on Office 365. I saw the message states that the certificate is expiring. Please see the screenshot below. How may I check if the certificate is expiring in 90 days.
Thanks

cert
0
Comment
Question by:dongocdung
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
9 Comments
 
LVL 16

Accepted Solution

by:
Shaik M. Sajid earned 125 total points
ID: 40017251
go to administrative tools - ADFS management console

adfs - services -certificates ..

u'll find all certificates with created and  expiry dates...

all the best..
0
 

Author Comment

by:dongocdung
ID: 40017271
Shaik,
Do you know how to use powershell to check the certificate for other servers beside ADFS server?
Thanks,
0
 
LVL 9

Assisted Solution

by:Mahesh Sharma
Mahesh Sharma earned 250 total points
ID: 40017277
Run cmdlet Get-AdfsCertificate -CertificateType "Token-Signing"


Let me know if it works
0
Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

 

Author Comment

by:dongocdung
ID: 40017276
Shaik,
Do you know how to use powershell to check the certificate for other servers beside ADFS server?
Thanks,
0
 
LVL 9

Expert Comment

by:Mahesh Sharma
ID: 40017294
Get-Certificate cmdlet we can use on other server.
http://technet.microsoft.com/en-us/library/hh848632.aspx
0
 

Author Comment

by:dongocdung
ID: 40017375
Hi MKS_,
I run your first command and got the error
Get-AdfsCertificate -CertificateType "Token-Signing"


The term 'Get-AdfsCertificate' is not recognized as the name of a cmdlet, funct
ion, script file, or operable program. Check the spelling of the name, or if a
path was included, verify that the path is correct and try again.
At line:1 char:20
+ Get-AdfsCertificate <<<<  -CertificateType "Token-Signing"
    + CategoryInfo          : ObjectNotFound: (Get-AdfsCertificate:String) [],
    CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

I am not sure that I can use the command in the article you gave me above because it is for Windows PowerShell 4.

Do I need to create this folder in order to let it work.

cert:\LocalMachine\My
Thanks,
0
 
LVL 9

Assisted Solution

by:Mahesh Sharma
Mahesh Sharma earned 250 total points
ID: 40017445
Try to run Add-PSSnapin Microsoft.Adfs.PowerShell before running Get-ADFSCertificate & then check


For powershell 2.0 try this cmdlet:
Get-ChildItem -Recurse | where { $_.notafter -le (get-date).AddDays(75) } | select thumbprint, subject

Replace 75 with no of days you want
0
 

Author Comment

by:dongocdung
ID: 40017651
The first command works but the second command runs but nothing returns. It is a blank screen.
0
 
LVL 29

Assisted Solution

by:becraig
becraig earned 125 total points
ID: 40017750
you can run this on each computer (from a powershell window)
Get-ChildItem cert:\LocalMachine\My -Recurse | where { $_.notafter -le (get-date).AddDays(30) } | select thumbprint, subject, notafter

Open in new window

0

Featured Post

Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Check out this step-by-step guide for using the newly updated Experts Exchange mobile app—released on May 30.
how to add IIS SMTP to handle application/Scanner relays into office 365.
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question