Looking for a way to inventory all SSL certificates

Comments

6 comments

  • Avi Solomon

    Am I allowed to comment on my own posts? ha. I found a way to do it in Powershell, so I ran the following:

    Get-ChildItem -Path Cert:\LocalMachine\My | Where-Object {$_.Subject -match '*.{my_domain}.com'}

    That found all the wildcard certs on a server. I then ran that against all servers and looked at the results. It worked great....BUT.... I would like to be able to query using Powershell and bring back the results into the PDQ Database so I can report on the results, rather than run a tool in real-time. Any ideas? Any plans for allowing me to run a powershell query and bring the results back into a "Powershell results" tab so I can query for it? Thanks

    0
    Comment actions Permalink
  • Colby Bouma

    Any plans for allowing me to run a powershell query and bring the results back into a "Powershell results" tab so I can query for it?

    Yes! We are working on a PowerShell scanner that will do exactly this. I don't have an ETA on when it will be available, but I'm hopeful that it will be sometime this year.

    0
    Comment actions Permalink
  • Kenneth Brakefield

    Colby - I hate to bump an old thread, but is this feature closer to having an ETA?  This would be a great addition to the product!

    0
    Comment actions Permalink
  • Colby Bouma

    Sorry, no ETA. We're working on it, but it's difficult to say at this point when it will be ready.

    0
    Comment actions Permalink
  • Chad Eldridge

    We would also very much like this functionality.  I have not found any way to pull a certificate list through WMI and I can get it very easily through PS.

    0
    Comment actions Permalink
  • Dennis Rogers

    Here is a nice way to keep track of all your domain certs and the expiration.

    Get-ChildItem Cert:\ -Recurse | Where-Object {$_.Subject -Match '.youdomain.com'}|Select-Object Subject, NotAfter

     

    0
    Comment actions Permalink

Please sign in to leave a comment.