How to Check for Expiring Certificates in PowerShell
This one I’m saving for later. Don’t confuse this with actually managing certificates via the PKI module. This is really about finding information on certificates already deployed.
First of all, remember that Cert:\ is a PS drive. Try something like this when you open a PS prompt:
cd cert:\
cd currentuser\my
dir
PS C:\> cd cert:\
PS Cert:\> cd currentuser\my
PS Cert:\currentuser\my> dir
Directory: Microsoft.PowerShell.Security\Certificate::currentuser\my
Thumbprint Subject
---------- -------
So with that in mind, you can do the typical kind of listing/sorting/displaying. One of the interesting switches that shows up when you’re in the certificates drive is the –ExpiringInDays. This is extremely useful if you’re trying to get a return of certificates that are about to expire (think alerting.)
get-childitem -path Cert:\CurrentUser\My -ExpiringInDays 180
By doing this, you can treat this as a boolean return. If something pops up, fire an alert.
Comments
Post a Comment