Forum Discussion

Alexandros8888's avatar
Alexandros8888
Copper Contributor
Nov 23, 2020

Monitor  SSL Certificates that will be expired soon and also provide an email notification

Hello,

I have the following code in order to monitor  SSL Certificates that will be expired soon and also provide an email notification at the end.

To be clear i have found that code from this link https://www.msnoob.com/powershell-script-get-certificate-that-will-be-expired-soon.html 

 

 

Add-PSSnapin Microsoft.Exchange.Management.Powershell.Admin -erroraction silentlyContinue

##### Email Configuration Section ##### 

$SMTPName = ""
$EmailMessage = new-object Net.Mail.MailMessage
$SMTPServer = new-object Net.Mail.SmtpClient($SMTPName)
$EmailMessage.From = "alexandros.ananikidis@sag-ag.ch"
$EmailMessage.To.Add("alexandros.ananikidis@sag-ag.ch")

##### Enter Serverr List ##### 
$servername="https://www.google.com"

##### Enter the remaining date before certificate is expired ######
$daysremain=30
 
 
$certlist=Invoke-Command -ComputerName $servername {Get-ChildItem Cert:\LocalMachine\My -Recurse |
    Where-Object {$_ -is [System.Security.Cryptography.X509Certificates.X509Certificate2] -and $_.NotAfter -gt (Get-Date) -and $_.NotAfter -lt (Get-Date).AddDays($daysremain)}
    }


if ($certlist){
    # Begin creation of the HTML for the email
    $body = "<head>"
    $body = $body + "<style>"
    $body = $body + "BODY{background-color:white;}" 
    $body = $body + "TABLE{border-width: 1px;border-style: solid;border-color: black;border-collapse: collapse;}" 
    $body = $body + "TH{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color:grey}" 
    $body = $body + "TD{border-width: 1px;padding: 4px;border-style: solid;border-color: black;background-color:white}" 
    $body = $body + "td.green{background-color: green; color: black;}"
    $body = $body + "td.gray{background-color: gray; color: black;}"
    $body = $body + "td.silver{background-color: silver; color: black;}"
    $body = $body + "td.fsdata{background-color: #87AFC7; color: black;}"
    $body = $body + "td.red{background-color: red; color: black;}"
    $body = $body + "H4{background-color: Gold; color: black;}"
    $body = $body + "H5{color: gray;}"
    $body = $body + "</style>"
    $body = $body + "</head>"
    $body = $body + "<body>"
    $body = $body + "<font size=" + '"2"' + " face=" + '"arial black"' + ">"
    $body = $body + "<H3 align=" + '"center"' + ">Warning, SSL Certificate(s) in server $servername needs your attention</H3>"
    $body = $body + "</font>"

    foreach ($certificate in $certlist) {
        $body = $body + "<font align="+ '"left"' +">Certificate Issued To = " +  $certificate.Issuer + "</font><br />"
        $body = $body + "<font align="+ '"left"' +">Expired Date = " +  $certificate.NotAfter + "</font><br /><br />"
    }

    $body = $body + "</body>"


    ##### Send The email with result #####
    $EmailMessage.Subject = "[ATTENTION] There is SSL Certificate(s) that need your attention"
    $EmailMessage.Body = $body
    $EmailMessage.IsBodyHTML = $true 
    $SMTPServer.Send($EmailMessage)
}

 

 

Nevertheless, when i try to run it i get the following error:

 

 

Invoke-Command : One or more computer names are not valid. If you are trying to pass a URI, use the -ConnectionUri parameter, or pass URI objects instead of strings.
At line:18 char:11
+ $certlist=Invoke-Command -ComputerName $servername {Get-ChildItem Cer ...
+           ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (System.String[]:String[]) [Invoke-Command], ArgumentException
    + FullyQualifiedErrorId : PSSessionInvalidComputerName,Microsoft.PowerShell.Commands.InvokeCommandCommand

 

 

I also tried with the  -ConnectionUri parameter instead of -ComputerName  but still it fails.

I am really new with all that PowerShell commands so can maybe someone help me on how to change my code?

 

Thank you a lot

Alexandros

  • farismalaeb's avatar
    farismalaeb
    Nov 27, 2020

    Alexandros8888 

    I hope I understand the last response correct but try to do this change in the $Result Variable

     

    $Result += "
    <br>Certificate for Host: $url Expires on -----> $ExpirationDate
    <br>Certificate for Host: $url Expires in -----> $DayCount DAYS"

     

    The output will be much better and each certificate will be in a separate line

     

    • Alexandros8888's avatar
      Alexandros8888
      Copper Contributor

      Hello farismalaeb,

      Thank you for your reply. I also tried yes.

      I tried like that:

       

      Add-PSSnapin Microsoft.Exchange.Management.Powershell.Admin -erroraction silentlyContinue
      
      ##### Email Configuration Section ##### 
      
      $SMTPName = ""
      $EmailMessage = new-object Net.Mail.MailMessage
      $SMTPServer = new-object Net.Mail.SmtpClient($SMTPName)
      $EmailMessage.From = "alexandros.ananikidis@sag-ag.ch"
      $EmailMessage.To.Add("alexandros.ananikidis@sag-ag.ch")
      
      ##### Enter Serverr List ##### 
      
      
      ##### Enter the remaining date before certificate is expired ######
      $daysremain=30
       
       
      $certlist=Invoke-Command -ComputerName https://www.google.com {Get-ChildItem Cert:\LocalMachine\My -Recurse |
          Where-Object {$_ -is [System.Security.Cryptography.X509Certificates.X509Certificate2] -and $_.NotAfter -gt (Get-Date) -and $_.NotAfter -lt (Get-Date).AddDays($daysremain)}
          }
      
      
      if ($certlist){
          # Begin creation of the HTML for the email
          $body = "<head>"
          $body = $body + "<style>"
          $body = $body + "BODY{background-color:white;}" 
          $body = $body + "TABLE{border-width: 1px;border-style: solid;border-color: black;border-collapse: collapse;}" 
          $body = $body + "TH{border-width: 1px;padding: 0px;border-style: solid;border-color: black;background-color:grey}" 
          $body = $body + "TD{border-width: 1px;padding: 4px;border-style: solid;border-color: black;background-color:white}" 
          $body = $body + "td.green{background-color: green; color: black;}"
          $body = $body + "td.gray{background-color: gray; color: black;}"
          $body = $body + "td.silver{background-color: silver; color: black;}"
          $body = $body + "td.fsdata{background-color: #87AFC7; color: black;}"
          $body = $body + "td.red{background-color: red; color: black;}"
          $body = $body + "H4{background-color: Gold; color: black;}"
          $body = $body + "H5{color: gray;}"
          $body = $body + "</style>"
          $body = $body + "</head>"
          $body = $body + "<body>"
          $body = $body + "<font size=" + '"2"' + " face=" + '"arial black"' + ">"
          $body = $body + "<H3 align=" + '"center"' + ">Warning, SSL Certificate(s) in server $servername needs your attention</H3>"
          $body = $body + "</font>"
      
          foreach ($certificate in $certlist) {
              $body = $body + "<font align="+ '"left"' +">Certificate Issued To = " +  $certificate.Issuer + "</font><br />"
              $body = $body + "<font align="+ '"left"' +">Expired Date = " +  $certificate.NotAfter + "</font><br /><br />"
          }
      
          $body = $body + "</body>"
      
      
          ##### Send The email with result #####
          $EmailMessage.Subject = "[ATTENTION] There is SSL Certificate(s) that need your attention"
          $EmailMessage.Body = $body
          $EmailMessage.IsBodyHTML = $true 
          $SMTPServer.Send($EmailMessage)
      }

        But i get that error:

       

      Invoke-Command : One or more computer names are not valid. If you are trying to pass a URI, use the -ConnectionUri parameter, or 
      pass URI objects instead of strings.
      At line:18 char:11
      + $certlist=Invoke-Command -ComputerName https://www.google.com {Get-Ch ...
      +           ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
          + CategoryInfo          : InvalidArgument: (System.String[]:String[]) [Invoke-Command], ArgumentException
          + FullyQualifiedErrorId : PSSessionInvalidComputerName,Microsoft.PowerShell.Commands.InvokeCommandCommand

      Best regards,

      Alexandros

      • farismalaeb's avatar
        farismalaeb
        Steel Contributor

        Alexandros8888 

        try this small change

         

        $certlist=Invoke-Command -ComputerName $servername -scriptblock {Get-ChildItem Cert:\LocalMachine\My -Recurse | Where-Object {$_.NotAfter -lt (Get-Date).AddDays($daysremain)}}

         

        and make sure that the server is the FQDN of the server or NETBIOS name such as "mylocalserver"

Resources