We current have a procedure to check certificates via the certutil command. We need to monitor this within SolarWinds and I've been trying to find a PowerShell script to get this information.
At the moment I have 2 different variants of PowerShell scripts but I can't seem to get them to work properly. See scripts below;
Invoke-Command -ComputerName SERVERNAME -UseSSL -ScriptBlock {certutil.exe -store my | Select-String -Pattern '(template)|(NotAfter)' | select Line | FT -AutoSize }
The above script only gives me the actual expiry date, but I need it to show/prompt me if I have 30 days or less on the certificate expiry.
Run certutil -split -URL ldap:///CN=RootCA,CN=-CRStandaloneCA,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=domain,DC=local?certificateRevocationList
The above script shows me 1 certificate but doesn't show me the 30 day expiry date.
Can anyone possibly help me on obtaining a script to provide a warning when there is less than 30 days please?