Get Expired Certificates

Get the One!

One of our certs was going to expire. I was tasked with a simple thing – get all servers where the cert is used/imported and list them. That’s a simple task:


# Names of all computer accounts in the Servers OU
$Computers = Get-ADComputer -Filter * -SearchBase 'OU=Servers,OU=ComputersX,DC=contoso,DC=com' | Select-Object -ExpandProperty Name
# Read the local machine's Personal store on every server (unreachable servers are skipped silently)
$Allcerts = Invoke-Command -ComputerName $Computers -ScriptBlock {
    Get-ChildItem Cert:\LocalMachine\My | Select-Object DnsNameList,NotBefore,NotAfter,Thumbprint,Issuer,Subject
} -ErrorAction SilentlyContinue
#region get the cert we're looking for
$thumbprint = 'PLACEYOURTHUMBPRINTHERE'
$CurrentCert = $Allcerts | Where-Object {$_.Thumbprint -eq $thumbprint} | Select-Object PSComputerName
$CurrentCert | Export-Csv -Path C:\AdminTools\CurrentCert.csv -NoTypeInformation -Delimiter ';'
#endregion


This will give me a list with all computer names where the cert is imported. The only assumption – I’m looking into Windows’ Personal Store. Any non-Windows imported cert will be left in the dark.

‘EVERYONE’

I thought I’d get all expired certs from the servers and export them into a list:


# Names of all computer accounts in the Servers OU
$Computers = Get-ADComputer -Filter * -SearchBase 'OU=Servers,OU=ComputersX,DC=contoso,DC=com' | Select-Object -ExpandProperty Name
# Read the local machine's Personal store on every server (unreachable servers are skipped silently)
$Allcerts = Invoke-Command -ComputerName $Computers -ScriptBlock {
    Get-ChildItem Cert:\LocalMachine\My | Select-Object DnsNameList,NotBefore,NotAfter,Thumbprint,Issuer,Subject
} -ErrorAction SilentlyContinue
#region get all certs that expired
#get current date
$date = Get-Date
$ExpiredCerts = $Allcerts | Where-Object {$PSItem.NotAfter -le $date} | Select-Object DnsNameList,NotBefore,NotAfter,Thumbprint,Issuer,Subject,PSComputerName
$ExpiredCerts | Export-Csv -Path C:\AdminTools\ExpiredCerts.csv -NoTypeInformation -Delimiter ';'
#endregion
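
Both scripts above run with -ErrorAction SilentlyContinue, so a server that cannot be reached simply drops out of the list, and only certs that have already expired are reported. The following is an added example, not part of the original post: it extends the same query to flag certs that expire within a warning window and writes the servers that could not be queried to a second file. The 30-day window and both output file names are assumptions.

```powershell
# Added example (not from the original post).
# Assumptions: 30-day warning window, hypothetical output file names.
$WarnDays  = 30
$Computers = Get-ADComputer -Filter * -SearchBase 'OU=Servers,OU=ComputersX,DC=contoso,DC=com' |
    Select-Object -ExpandProperty Name

# Keep the console quiet, but collect remoting errors in $RemoteErrors
# instead of discarding them.
$Allcerts = Invoke-Command -ComputerName $Computers -ScriptBlock {
    Get-ChildItem Cert:\LocalMachine\My |
        Select-Object NotBefore, NotAfter, Thumbprint, Issuer, Subject
} -ErrorAction SilentlyContinue -ErrorVariable RemoteErrors

$now   = Get-Date
$limit = $now.AddDays($WarnDays)

# Expired certs and certs expiring inside the window, soonest first.
$Report = $Allcerts |
    Where-Object { $_.NotAfter -le $limit } |
    Select-Object PSComputerName, Subject, Issuer, Thumbprint, NotAfter,
        @{ Name = 'Status';   Expression = { if ($_.NotAfter -le $now) { 'Expired' } else { 'ExpiringSoon' } } },
        @{ Name = 'DaysLeft'; Expression = { [int][math]::Floor(($_.NotAfter - $now).TotalDays) } } |
    Sort-Object NotAfter

$Report | Export-Csv -Path C:\AdminTools\CertExpiryReport.csv -NoTypeInformation -Delimiter ';'

# Servers that could not be queried: for connection failures the error
# record's TargetObject holds the computer name.
$RemoteErrors |
    Select-Object @{ Name = 'ComputerName'; Expression = { $_.TargetObject } },
                  @{ Name = 'Error';        Expression = { $_.Exception.Message } } |
    Export-Csv -Path C:\AdminTools\CertScanFailures.csv -NoTypeInformation -Delimiter ';'
```

A server listed in the failures file has not been checked at all, so its absence from the expiry report says nothing about its certs.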
