$minimumCertAgeDays = 60
$timeoutMilliseconds = 10000
$urls = @(
"https://meet.domain.local"
"https://anywebsite.domain.com"
)
#disabling the cert validation check. This is what makes this whole thing work with invalid certs…
[Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
foreach ($url in $urls)
{
$req = [Net.HttpWebRequest]::Create($url)
$req.Timeout = $timeoutMilliseconds
try {$req.GetResponse() |Out-Null} catch {}
function Convert-StringToDateTime
{
param
(
[Parameter(Mandatory = $true)]
[String] $DateTimeStr
)
# Change Date pattern to German
$DateFormatParts = (Get-Culture).DateTimeFormat.ShortDatePattern -split ‘/|-|\.’
$Month_Index = ($DateFormatParts | Select-String -Pattern ‘MM’).LineNumber – 1
$Day_Index = ($DateFormatParts | Select-String -Pattern ‘dd’).LineNumber – 1
$Year_Index = ($DateFormatParts | Select-String -Pattern ‘yyyy’).LineNumber – 1
$DateTimeParts = $DateTimeStr -split ‘/|-|\.| ‘
$DateTimeParts_LastIndex = $DateTimeParts.Count – 1
$DateTime = [DateTime] $($DateTimeParts[$Month_Index] + ‘/’ + $DateTimeParts[$Day_Index] + ‘/’ + $DateTimeParts[$Year_Index] + ‘ ‘ + $DateTimeParts[3..$DateTimeParts_LastIndex] -join ‘ ‘)
return $DateTime
}
$expiration = Convert-StringToDateTime $req.ServicePoint.Certificate.GetExpirationDateString()
[int]$certExpiresIn = ($expiration – $(get-date)).Days
$certName = $req.ServicePoint.Certificate.GetName()
$certPublicKeyString = $req.ServicePoint.Certificate.GetPublicKeyString()
$certSerialNumber = $req.ServicePoint.Certificate.GetSerialNumberString()
$certThumbprint = $req.ServicePoint.Certificate.GetCertHashString()
$certEffectiveDate = $req.ServicePoint.Certificate.GetEffectiveDateString()
$certIssuer = $req.ServicePoint.Certificate.GetIssuerName()
if ($certExpiresIn -gt $minimumCertAgeDays)
{Write-Host ========================================================================`r`nCert for site $url expires in $certExpiresIn days [on $expiration] `r`n========================================================================`r`n -ForegroundColor Green}
else
# Following lines for testing to get Output on screen
#{Write-Host Cert for site $url expires in $certExpiresIn days [on $expiration] Threshold is $minimumCertAgeDays days. Check details:`n`nCert name: $certName`nCert public key: $certPublicKeyString`nCert serial number: $certSerialNumber`nCert thumbprint: $certThumbprint`nCert effective date: $certEffectiveDate`nCert issuer: $certIssuer -f Yellow `r`n}
#{Write-Host ========================================================================`r`nCert for site $url expires in $certExpiresIn days [on $expiration] Threshold is $minimumCertAgeDays days. Check details:`n========================================================================`nCert name: $certName`nCert Expires on:$expiration`nCert serial number: $certSerialNumber`nCert thumbprint: $certThumbprint`nCert effective date: $certEffectiveDate`nCert issuer: $certIssuer `r`n========================================================================`r`n -ForegroundColor Yellow}
{$OutputToWrite = "========================================================================`r`nCert for site $url expires in $certExpiresIn days [on $expiration] Threshold is $minimumCertAgeDays days. Check details:`r`n========================================================================`r`nCert name: $certName`r`nCert Expires on:$expiration`r`nCert serial number: $certSerialNumber`r`nCert thumbprint: $certThumbprint`r`nCert effective date: $certEffectiveDate`r`nCert issuer: $certIssuer `r`n========================================================================`r`n"}
$OutputToWrite | Out-File C:\temp\ssl.txt -Encoding utf8
#Remove Variabel
rv req
rv expiration
rv certExpiresIn
}