Solved

How to check if the certificate is expiring

Posted on 2014-04-23
9
707 Views
Last Modified: 2014-04-30
Hello all,
Our environment has the ADFS on Office 365. I saw the message states that the certificate is expiring. Please see the screenshot below. How may I check if the certificate is expiring in 90 days.
Thanks

cert
0
Comment
Question by:dongocdung
9 Comments
 
LVL 16

Accepted Solution

by:
Shaik M. Sajid earned 125 total points
ID: 40017251
go to administrative tools - ADFS management console

adfs - services -certificates ..

u'll find all certificates with created and  expiry dates...

all the best..
0
 

Author Comment

by:dongocdung
ID: 40017271
Shaik,
Do you know how to use powershell to check the certificate for other servers beside ADFS server?
Thanks,
0
 
LVL 9

Assisted Solution

by:Mahesh Sharma
Mahesh Sharma earned 250 total points
ID: 40017277
Run cmdlet Get-AdfsCertificate -CertificateType "Token-Signing"


Let me know if it works
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 

Author Comment

by:dongocdung
ID: 40017276
Shaik,
Do you know how to use powershell to check the certificate for other servers beside ADFS server?
Thanks,
0
 
LVL 9

Expert Comment

by:Mahesh Sharma
ID: 40017294
Get-Certificate cmdlet we can use on other server.
http://technet.microsoft.com/en-us/library/hh848632.aspx
0
 

Author Comment

by:dongocdung
ID: 40017375
Hi MKS_,
I run your first command and got the error
Get-AdfsCertificate -CertificateType "Token-Signing"


The term 'Get-AdfsCertificate' is not recognized as the name of a cmdlet, funct
ion, script file, or operable program. Check the spelling of the name, or if a
path was included, verify that the path is correct and try again.
At line:1 char:20
+ Get-AdfsCertificate <<<<  -CertificateType "Token-Signing"
    + CategoryInfo          : ObjectNotFound: (Get-AdfsCertificate:String) [],
    CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException

I am not sure that I can use the command in the article you gave me above because it is for Windows PowerShell 4.

Do I need to create this folder in order to let it work.

cert:\LocalMachine\My
Thanks,
0
 
LVL 9

Assisted Solution

by:Mahesh Sharma
Mahesh Sharma earned 250 total points
ID: 40017445
Try to run Add-PSSnapin Microsoft.Adfs.PowerShell before running Get-ADFSCertificate & then check


For powershell 2.0 try this cmdlet:
Get-ChildItem -Recurse | where { $_.notafter -le (get-date).AddDays(75) } | select thumbprint, subject

Replace 75 with no of days you want
0
 

Author Comment

by:dongocdung
ID: 40017651
The first command works but the second command runs but nothing returns. It is a blank screen.
0
 
LVL 29

Assisted Solution

by:becraig
becraig earned 125 total points
ID: 40017750
you can run this on each computer (from a powershell window)
Get-ChildItem cert:\LocalMachine\My -Recurse | where { $_.notafter -le (get-date).AddDays(30) } | select thumbprint, subject, notafter

Open in new window

0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Lotus Notes – formerly IBM Notes – is an email client application, while IBM Domino (earlier Lotus Domino) is an email server. The client possesses a set of features that are even more advanced as compared to that of Outlook. Likewise, IBM Domino is…
MS Outlook is a world-class email client application that is mainly used for e-communication globally.  In this article, we will discuss the basic idea about MS Outlook, its advanced features, and types of MS Outlook File formats.
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question