Check cert in 60days warning if did.

Dear expert

Below script is not working well for me, the error msg I get is:
Cannot convert value "30/05/2018 20:52:00"
Exception while checking URL https://google.com: Exception calling "GetResponse" with "0" argument(s)
Code is going to check cert if its 60 days left in cert or not...

Anyone know whats wrong?
Regards


 $minimumCertAgeDays = 60
 $timeoutMilliseconds = 10000
 $urls = @(
 "https://google.com"
 )
 [Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
foreach ($url in $urls)
 {
 $req = [Net.HttpWebRequest]::Create($url)
 $req.Timeout = $timeoutMilliseconds
try {$req.GetResponse() |Out-Null} catch {Write-Host Exception while checking URL $url`: $_ -f Red}
[datetime]$expiration = $req.ServicePoint.Certificate.GetExpirationDateString()
 [int]$certExpiresIn = ($expiration - $(get-date)).Days
 $certName = $req.ServicePoint.Certificate.GetName()
 $certPublicKeyString = $req.ServicePoint.Certificate.GetPublicKeyString()
 $certSerialNumber = $req.ServicePoint.Certificate.GetSerialNumberString()
 $certThumbprint = $req.ServicePoint.Certificate.GetCertHashString()
 $certEffectiveDate = $req.ServicePoint.Certificate.GetEffectiveDateString()
 $certIssuer = $req.ServicePoint.Certificate.GetIssuerName()
if ($certExpiresIn -gt $minimumCertAgeDays){
 $certok = Write-Host Cert for site $url expires in $certExpiresIn days [on $expiration] -f Green}
 else{
 $certnotok = Write-Host Cert for site $url expires in $certExpiresIn days [on $expiration] Threshold is $minimumCertAgeDays days. Check details:`n`nCert name: $certName`nCert public key: $certPublicKeyString`nCert serial number: $certSerialNumber`nCert thumbprint: $certThumbprint`nCert effective date: $certEffectiveDate`nCert issuer: $certIssuer -f Red
 }
 }

Open in new window

LVL 1
WeTiAsked:
Who is Participating?
 
QlemoConnect With a Mentor Batchelor, Developer and EE Topic AdvisorCommented:
It depends on what date format you have active. As long as you use US default, the default conversion of date strings works.
In addition, I always get an exception with your GetResponse because of a timeout. This is not related to the date issue, though, but your code just waiting for interaction which never takes place. Also, in case of a timeout, it doesn't make sense to try to get the certificate date.
Lastly, your final vars certOk and certNotOk are never set, as Write-Host doesn't return anything.
So better to use this:
$minimumCertAgeDays  = 60
$timeoutMilliseconds = 10000
$urls = @(
  "https://google.com"
)

cls
[Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
foreach ($url in $urls)
{
  $req = [Net.HttpWebRequest]::Create($url)
  $req.Timeout = $timeoutMilliseconds
  try {
    $req.GetResponse().Dispose()
    $cert = $req.ServicePoint.Certificate
    [datetime] $expiration    = get-date $cert.GetExpirationDateString()
    [int]      $certExpiresIn = ($expiration - $(get-date)).Days
    $certName            = $cert.GetName()
    $certPublicKeyString = $cert.GetPublicKeyString()
    $certSerialNumber    = $cert.GetSerialNumberString()
    $certThumbprint      = $cert.GetCertHashString()
    $certEffectiveDate   = $cert.GetEffectiveDateString()
    $certIssuer          = $cert.GetIssuerName()

    $msg = "Cert for site $url expires in $certExpiresIn days [on $expiration]."
    if ($certOk = $certExpiresIn -gt $minimumCertAgeDays) {
      $color = 'Green'
    } else {
      $color = 'Yellow'
      $msg += @"
      Threshold is $minimumCertAgeDays days. Check details:

      Cert name:           $certName
      Cert public key:     $certPublicKeyString
      Cert serial number:  $certSerialNumber
      Cert thumbprint:     $certThumbprint
      Cert effective date: $certEffectiveDate
      Cert issuer:         $certIssuer
"@
    }
    write-host $msg -f $color
  } catch { Write-Host Exception while checking URL $url`: $_ -f Red }
}

Open in new window

This only set certOk as a boolean - which is sufficient.
0
 
David Johnson, CD, MVPOwnerCommented:
your script works for me in windows 10

Scripts> . 'G:\Documents\WindowsPowerShell\Scripts\Untitled13.ps1' <# script is not saved yet #>
Cert for site https://google.com expires in 69 days [on 06/05/2018 14:16:00]
Cert for site https://microsoft.com expires in 659 days [on 01/16/2020 16:24:02]
Cert for site https://techsupport4me.com expires in 629 days [on 12/17/2019 07:40:47]

PS G:\Documents\WindowsPowerShell\Scripts>
0
 
David Johnson, CD, MVPConnect With a Mentor OwnerCommented:
changed line 12 .. output from Windows Server 2008R2 (Windows 7)
  $minimumCertAgeDays = 60
 $timeoutMilliseconds = 10000
 $urls = @(
 "https://google.com","https://microsoft.com","https://techsupport4me.com"
 )
 [Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
foreach ($url in $urls)
 {
 $req = [Net.HttpWebRequest]::Create($url)
 $req.Timeout = $timeoutMilliseconds
try {$req.GetResponse() |Out-Null} catch {Write-Host Exception while checking URL $url`: $_ -f Red}
$expiration = get-date($req.ServicePoint.Certificate.GetExpirationDateString())
 [int]$certExpiresIn = ($expiration - $(get-date)).Days
 $certName = $req.ServicePoint.Certificate.GetName()
 $certPublicKeyString = $req.ServicePoint.Certificate.GetPublicKeyString()
 $certSerialNumber = $req.ServicePoint.Certificate.GetSerialNumberString()
 $certThumbprint = $req.ServicePoint.Certificate.GetCertHashString()
 $certEffectiveDate = get-date($req.ServicePoint.Certificate.GetEffectiveDateString())
 $certIssuer = $req.ServicePoint.Certificate.GetIssuerName()
if ($certExpiresIn -gt $minimumCertAgeDays){
 $certok = Write-Host Cert for site $url expires in $certExpiresIn days [on $expiration] -f Green}
 else{
 $certnotok = Write-Host Cert for site $url expires in $certExpiresIn days [on $expiration] Threshold is $minimumCertAgeDays days. Check details:`n`nCert name: $certName`nCert public key: $certPublicKeyString`nCert serial number: $certSerialNumber`nCert thumbprint: $certThumbprint`nCert effective date: $certEffectiveDate`nCert issuer: $certIssuer -f Red
 }
 }

Open in new window

Exception while checking URL https://google.com: Exception calling "GetResponse" with "0" argument(s): "The operation has timed out"
Cert for site https://google.com expires in 63 days [on 05/30/2018 14:50:00]
Exception while checking URL https://microsoft.com: Exception calling "GetResponse" with "0" argument(s): "The operation has timed out"
Cert for site https://microsoft.com expires in 659 days [on 01/16/2020 16:24:02]
Exception while checking URL https://techsupport4me.com: Exception calling "GetResponse" with "0" argument(s): "The operation has timed out"
Cert for site https://techsupport4me.com expires in 629 days [on 12/17/2019 07:40:47]
0
 
WeTiAuthor Commented:
Using Qlemo's option, thanks both.
1
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.