How to get list of all thumb print - certificates installed on all servers.

I want to get list of all certificates installed on all of my servers.

Power shell script

Please advise
SAIMSKY ADMINSYS ADMINAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Philip PortnoySr. MS SQL DBA and Technical Account ManagerCommented:
Get-ChildItem -Recurse Cert:
0
HAJ2014Commented:
0
becraigCommented:
If you have a list of servers and winrm configured this would work in a pinch:

gc c:\serverlist.txt | % {invoke-command -computername $_ -scriptblock {$hname = hostname; gci -recurse cert:\ | % {write-host $hanem $_.thumbprint $_.subject}}}

Open in new window

0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

SAIMSKY ADMINSYS ADMINAuthor Commented:
Becraig  Many thanks, Can you please  set script to export the results in csv file with server name , thumbprint ,etc.

many thanks
0
SAIMSKY ADMINSYS ADMINAuthor Commented:
Becraig, Please advise as I am getting this error for most of my servers when I run the above script.

Connecting to remote server SRV-S1158 failed with the following error message : The client cannot connect to the destination specified in the request. Verify that
the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination, most commonly IIS or WinRM.
If the destination is the WinRM service, run the following command on the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the
about_Remote_Troubleshooting Help topic.


Can you please also set somthing good , so I can get some good looking report.

Many thanks
0
SAIMSKY ADMINSYS ADMINAuthor Commented:
Actually , I am looking for complete script in which i will extract all certificates /thumbprints according to servers name amd than I have to verfiy if these 3 thumprints avialable or not.

4822824ece7ed1450c039aa077dc1f8ae3489bbf
c6796490cdeeaab31aed798752ecd003e6866cb2
d2dbf71823b2b8e78f5958096150bfcb97cc388a


many thanks
0
becraigCommented:
The script below is based on the assumption you want to know what servers these certificates are present on.
Also please edit the line:
gc c:\computerlist.txt - to represent the name of the file you will have the list of servers in.

function Get-Cert( $computer){
    $ro=[System.Security.Cryptography.X509Certificates.OpenFlags]"ReadOnly"
    $lm=[System.Security.Cryptography.X509Certificates.StoreLocation]"LocalMachine"
    $store=new-object System.Security.Cryptography.X509Certificates.X509Store("\\$computer\root",$lm)
    $store.Open($ro)
$store.Certificates
}
gc c:\computerlist.txt | % {$computer=$_
Get-Cert $_ | ?{$_.thumbprint -like "4822824ece7ed1450c039aa077dc1f8ae3489bbf" -or $_.thumbprint -like "" -or $_.thumbprint -like "c6796490cdeeaab31aed798752ecd003e6866cb2"
$tprint =  $_.thumbprint
$sub = $_.subject.split(',')[0]
$report += "$computer, $tprint, $Sub`n" }
}
$report | out-file file.csv

Open in new window

0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
SAIMSKY ADMINSYS ADMINAuthor Commented:
Wonderful and thanx
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.