PowerShell to get remote website’s SSL certificate expiration

I recently needed to put together a PowerShell script that would check the expiration of some external and internal certificates for my company and let me know when they are close to expiring. Since some of the hosts were IP addresses, and some certs were not trusted by the machine running the check, I had to have a way to disable certificate chain validation (equivalent to the curl option -k). There are many ways to get web content in PowerShell, and some are more flexible than others… After some poking around, I put together the script below, combining examples from this post and this post.

$minimumCertAgeDays = 60
 $timeoutMilliseconds = 10000
 $urls = @(
 "https://www.website.com/Login.aspx",
 "https://10.1.1.10/myTestPage.aspx"
 )
#disabling the cert validation check. This is what makes this whole thing work with invalid certs...
 [Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
foreach ($url in $urls)
 {
 Write-Host Checking $url -f Green
 $req = [Net.HttpWebRequest]::Create($url)
 $req.Timeout = $timeoutMilliseconds
try {$req.GetResponse() |Out-Null} catch {Write-Host Exception while checking URL $url`: $_ -f Red}
[datetime]$expiration = $req.ServicePoint.Certificate.GetExpirationDateString()
 [int]$certExpiresIn = ($expiration - $(get-date)).Days
$certName = $req.ServicePoint.Certificate.GetName()
 $certPublicKeyString = $req.ServicePoint.Certificate.GetPublicKeyString()
 $certSerialNumber = $req.ServicePoint.Certificate.GetSerialNumberString()
 $certThumbprint = $req.ServicePoint.Certificate.GetCertHashString()
 $certEffectiveDate = $req.ServicePoint.Certificate.GetEffectiveDateString()
 $certIssuer = $req.ServicePoint.Certificate.GetIssuerName()
if ($certExpiresIn -gt $minimumCertAgeDays)
 {Write-Host Cert for site $url expires in $certExpiresIn days [on $expiration] -f Green}
 else
 {Write-Host Cert for site $url expires in $certExpiresIn days [on $expiration] Threshold is $minimumCertAgeDays days. Check details:`n`nCert name: $certName`nCert public key: $certPublicKeyString`nCert serial number: $certSerialNumber`nCert thumbprint: $certThumbprint`nCert effective date: $certEffectiveDate`nCert issuer: $certIssuer -f Red}
rv req
 rv expiration
 rv certExpiresIn
 }

Hope it saves someone some time… 🙂

Advertisement

Error during install of Small Business Server 2008 – 0xc0000225

I was recently installing a trial version of SBS 2008 on a Sun Virtual Box (now Oracle Virtual Box) when I got a very non-descriptive error during the first few seconds – the installer would say “Windows is loading files” and then throw an unkown error 0xc0000225. It turns out the reason was that I had configured the box with less than the minimum memory – the minimum is 4 GB and I had it set with 512 MB (I know, stingy, but hey, it was a test!)

Read-Only Hard drives – a very rare issue and a very useful post

I ran across a rather odd issue with an external USB drive that all of a sudden became read-only. After some digging on the net found this post with very useful info:

http://www.t3chworks.com/index.php?p=2_1

Thanks to the owner of T3chWorks!

Adobe Acrobat does not show preview in Windows 7

A few days ago I noticed that preview stopped working on my Windows 7 Home Premium 64-bit machine for PDF files. All other files were previewing fine, just PDFs stopped. I remembered there was a patch that I was prompted to install a few days prior to that, so my guess is the patch reset the reg keys that make the preview possible. Anway, after some digging I found a couple of posts with the info on how to reset this (sorry, can’t seem to find the original postings at the moment to give the authors credit 😦 ) Here is the reg file that correct the problem.

P.S. Here is the link to the original post that helped me.