Get Certificate Expiration Remotely Off Servers
Video – Writing a GUI for PowerShell
11/24/2020
Windows Update Repair and Restore
11/25/2020
We are continuing our new series that answers common questions, or questions that have been asked about PowerShell. Today, certificate expiration remotely off servers. What we intend to provide is one of the many, many ways you can accomplish these tasks within PowerShell.
All of the solutions are ours and demonstrate the author’s skill and ability level at the time of writing. That is to say, we might not always write the best PowerShell code, however, if you know of a better way we welcome that input.
Let’s start. The question is:
Is there anyway to pull certificate information from servers remotely?
The Answer:
Let’s get certificate expiration remotely off servers!
Yes. You can do this with Get-Childitem locally, using Invoke-Command and Get-Childitem together is what you are looking for.
What is the Get-ChildItem cmdlet you ask? The Get-ChildItem cmdlet literally gets the items in a specified location, or locations. If the item is a container, like registry keys, or directories, or text files, it gets the items inside the container, the items that reside inside these types of containers are called child items. You can use the -Recurse parameter to get items in all child containers and use the -Depth parameter to limit the number of levels to recurse.
For instance:
(Get-ChildItem Cert:\LocalMachine\My) | Get-Member -MemberType Property
Will return Name, Member Type, and Definition.
You can use this to get certificates specific to your computer name:
Get-ChildItem Cert:\LocalMachine\My | Where-Object {$_.subject -match [Environment]::GetEnvironmentVariable("newcomputer0001")}
Lastly, pull only certs that are expired from remote servers and outputs that information to the console for review.
Now that you know check out This article if you are looking to add more to your Invoke-Command.
