PowerShell Script: Get Certificate that will be expired soon

2
9933
PowerShell

I’m back. Yeah, almost 5 weeks I haven’t written something here. This time, I’ve created a PowerShell script that will notify you if there is an SSL Certificate that will expire in days remaining. This script is actually modification script from here. I’ve also uploaded the script on my Github Repo. Below is the complete script. You can change the remaining date setting on variable $daysremain

Add-PSSnapin Microsoft.Exchange.Management.Powershell.Admin -erroraction silentlyContinue
##### Email Configuration Section #####
$SMTPName = ""
$EmailMessage = new-object Net.Mail.MailMessage
$SMTPServer = new-object Net.Mail.SmtpClient($SMTPName)
$EmailMessage.From = ""
$EmailMessage.To.Add("")
##### Enter Serverr List #####
$servername=""
##### Enter the remaining date before certificate is expired ######
$daysremain=30
$certlist=Invoke-Command -ComputerName $servername {Get-ChildItem Cert:\LocalMachine\My -Recurse |
    Where-Object {$_ -is [System.Security.Cryptography.X509Certificates.X509Certificate2] -and $_.NotAfter -gt (Get-Date) -and $_.NotAfter -lt (Get-Date).AddDays($daysremain)}
    }
if ($certlist){
    # Begin creation of the HTML for the email
    $body = "<head>"
    $body = $body + "<style>"
    $body = $body + "BODY{background-color:white;}"
    $body = $body + "TABLE{border-width: 1px;border-style: solid;border-color: black;border-collapse: collapse;}"
    $body = $body + "TH{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color:grey}"
    $body = $body + "TD{border-width: 1px;padding: 4px;border-style: solid;border-color: black;background-color:white}"
    $body = $body + "td.green{background-color: green; color: black;}"
    $body = $body + "td.gray{background-color: gray; color: black;}"
    $body = $body + "td.silver{background-color: silver; color: black;}"
    $body = $body + "td.fsdata{background-color: #87AFC7; color: black;}"
    $body = $body + "td.red{background-color: red; color: black;}"
    $body = $body + "H4{background-color: Gold; color: black;}"
    $body = $body + "H5{color: gray;}"
    $body = $body + "</style>"
    $body = $body + "</head>"
    $body = $body + "<body>"
    $body = $body + "<font size=" + '"2"' + " face=" + '"arial black"' + ">"
    $body = $body + "<H3 align=" + '"center"' + ">Warning, SSL Certificate(s) in server $servername needs your attention</H3>"
    $body = $body + "</font>"
    foreach ($certificate in $certlist) {
        $body = $body + "<font align="+ '"left"' +">Certificate Issued To = " +  $certificate.Issuer + "</font><br />"
        $body = $body + "<font align="+ '"left"' +">Expired Date = " +  $certificate.NotAfter + "</font><br /><br />"
    }
    $body = $body + "</body>"
    ##### Send The email with result #####
    $EmailMessage.Subject = "[ATTENTION] There is SSL Certificate(s) that need your attention"
    $EmailMessage.Body = $body
    $EmailMessage.IsBodyHTML = $true
    $SMTPServer.Send($EmailMessage)
}

Run this code in PowerShell ISE to test the functionality in your environment. As additional, you can also run this code with a Scheduler Task.

2 COMMENTS

  1. Hi,
    i tried this script and got many errors:
    Exception setting “From”: “Cannot convert value “” to type “System.Net.Mail.MailAddress”. Error: “The parameter ‘address’ cannot be an empty string.
    Parameter name: address””
    At line:7 char:1
    + $EmailMessage.From = “”
    + ~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : NotSpecified: (:) [], SetValueInvocationException
    + FullyQualifiedErrorId : ExceptionWhenSetting

    Exception calling “Add” with “1” argument(s): “The parameter ‘addresses’ cannot be an empty string.
    Parameter name: addresses”
    At line:8 char:1
    + $EmailMessage.To.Add(“”)
    + ~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : ArgumentException

    Invoke-Command : Cannot validate argument on parameter ‘ComputerName’. The argument is null or empty. Provide an argument that is not null or empty, and then try the
    command again.
    At line:13 char:40
    + $certlist=Invoke-Command -ComputerName $servername {Get-ChildItem Cer …
    + ~~~~~~~~~~~
    + CategoryInfo : InvalidData: (:) [Invoke-Command], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.InvokeCommandCommand

LEAVE A REPLY

Please enter your comment!
Please enter your name here