Just a small simple script that will list all Computer Cerificates that will expire in 90 days, to give you a heads up and time to renew them.
To list computer certificates that will expire in 90 days:
|
1 2 |
# Show computer certificates that will expire in 90 days get-childitem cert:LocalMachine\My -recurse | where-object {$_.NotAfter -gt (get-date)} | select Subject,FriendlyName,Thumbprint,@{Name="Expires in (Days)";Expression={($_.NotAfter).subtract([DateTime]::Now).days}} | where "Expires in (Days)" -lt 90 | Sort "Expires in (Days)" |
Just change “-lt 90” to some other value to adjust the expiry period.
Hi Nino, that specific scipt is just checking the certs on the local machine where it’s being run from.
But here is a post which does the same for all Domain joined servers ; http://www.isolation.se/list-all-expiring-certificates-on-all-domain-joined-servers/
Cheers,
Markus
I do not see how the scrip will loop through all servers in AD?
Hi,
I got this error message:
Where-Object : Cannot bind parameter ‘FilterScript’. Cannot convert the “Expires in (Days)” value of type “System.Strin
g” to type “System.Management.Automation.ScriptBlock”.
Thanks, it worked for me