I am not well versed with PowerShell but after researching it appears PowerShell might be the tool I need. I have a need to inventory all computers on my AD to confirm whether or not they have the necessary SSL root certs that I have attempted to push out via GPO.
Most computers do have the certs but I need to identify the ones that do not.
All examples I've run across seem to include "Path Cert :\localmachine". How do I replace 'localmachine' for 'computer name' to gather SSL cert info from remote computers on my LAN?
One example but it is not entirely clear how I would modify this script to connect remotely to each machine:
Get certificate info into a CSV by using PowerShell
Using PowerShell to work with SSL Certificates
Hi @Vasil Michev, That seems simple enough in theory. But sadly once I ask for details on certs in that location I get nothing but the computer name when using the following example.:
I'm trying to find 2 specific certs in this location. And if they don't exist in this location I need to know which computer it is that needs them installed. Or stated another way if I can get a report that tells me the cert "IssuedTo" descriptor and the "Expiration Date". Ultimately I need to install the proper certs if they don't exist. I can do that manually. Heck, I can do all of this manually but it would be nice if I work smarter not harder.
So if I could do this I would like to parse a csv that contains the computer names that I need to check for certs in 'CurrentUser\Root' & 'LocalMachine\Root' that have an 'Issue To' name of 'SSL_Cert_1' & 'SSL_Cert_2' and also display the 'Expiration Date' associated with each cert.
Each computer that does not have the required certs I would like to install these certs. Or at the very least list them so I can pay a visit.
Unfortunately I can't even begin to write the proper syntax to include something like the following.:
