Link to home
Start Free TrialLog in
Avatar of hannibalsmith
hannibalsmith

asked on

Where exactly is a particular SSL cert installed?

Hi all,
          when faced with SSL certificate renewals, it's nice to know which servers have the cert installed in the first place. If I have a cert that I need to renew (either issued internally or by a trusted third party), how do I determine which servers is it installed on? There must be a powershell script/other method to query all servers on the domain using thumbprints/friendly names/issuing authority. The server is running 2012 but I need an answer that works for 2008 as well if possible.
thanks in advance
Avatar of Brendan M
Brendan M
Flag of Australia image

you can start with

$certs = invoke-command {gci cert: -recurse} -computername <remote computer>

just need to make it run through a list of servers
Avatar of hannibalsmith
hannibalsmith

ASKER

hi Brendan,
                    thanks for your comment. Correct me if I'm wrong, but that script will list the certs being used by the target machine. What I need is a way of actually searching machines for the cert's thumbprint or issuer rather than generating a list of certs on all target systems and manually searching (which can be time consuming depending on the size of the domain)
ASKER CERTIFIED SOLUTION
Avatar of Brendan M
Brendan M
Flag of Australia image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
looks good, Brendan, thank you. I'll try it as soon as possible and report back...
Hi Brendan,
                     sorry for the delay in getting back to you. It's been hectic and I haven't had the time until now. I've tested the script and it's exactly what I need! Thanks for your help on this one.
Precisely what I needed, code was not unnecessarily complex and answered my question.