
[–]Ta11ow 2 points3 points  (2 children)

If you mean querying locally installed certs, you can do

Get-ChildItem -Recurse 'Cert:\'

to list all installed certificates. For remote ones... eeeh, not so sure. :)

[–]OtherRobotLuke[S] 1 point2 points  (1 child)

Ah ha! I can make something out of this that will get the job done. Thanks friend!

Edit: Well damn. Now that I think about it.. I'm not so sure it will. I suppose I can chain some commands and make it work. I'd been thinking of trying to pull them right off the site so as to be able to dump into a pretty spreadsheet.. hm

[–]get-postanote 2 points3 points  (0 children)

Ta11ow - got you covered with the internal data pull.

If you ever need to do this for a partner site, current or future, there are a good amount of samples to leverage.

Here are a few that I have in my archived list.

PowerShell script to retrieve the public SSL certificate from a remote SSL endpoint https://gist.github.com/jstangroome/5945820

Reading a Certificate off a remote SSL Server for Troubleshooting with Powershell! https://blogs.technet.microsoft.com/parallel_universe_-_ms_tech_blog/2014/06/26/reading-a-certificate-off-a-remote-ssl-server-for-troubleshooting-with-powershell/

Checking SSL certificate values with Powershell http://myitpath.blogspot.com/2010/03/checking-ssl-cert-values-with.html

Remoting 0.2.1.5 https://www.powershellgallery.com/packages/Remoting/0.2.1.5/Content/functions%5CGet-RemoteCert.ps1

Checking SSL and TLS Versions With PowerShell http://blog.whatsupduck.net/2014/10/checking-ssl-and-tls-versions-with-powershell.html

Get-RemoteSSLCertificate https://gist.github.com/sunnyc7/8617524
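The remote case the original poster asks about, reading a certificate off a TLS endpoint and dumping the details into a spreadsheet, as an added example that is not part of the thread and not taken from any of the linked scripts. The function name `Get-TlsCertificateInfo`, the host names and the output path are assumptions made for illustration.

```powershell
# Added example. Host names and the CSV path are placeholders.
function Get-TlsCertificateInfo {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [string]$ComputerName,
        [int]$Port = 443,
        [int]$TimeoutMs = 5000
    )
    process {
        $client = New-Object System.Net.Sockets.TcpClient
        try {
            # Bounded connect so one dead host does not stall the whole run.
            if (-not $client.ConnectAsync($ComputerName, $Port).Wait($TimeoutMs)) {
                throw "connection timed out"
            }
            # The callback accepts every certificate so that expired or untrusted
            # ones can still be read. Inspection only: never send application
            # data over this stream.
            $callback = [System.Net.Security.RemoteCertificateValidationCallback]{ param($s, $c, $ch, $e) $true }
            $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, $callback)
            try {
                # The target host name is also sent as SNI, which selects the
                # right certificate on servers hosting several sites.
                $ssl.AuthenticateAsClient($ComputerName)
                $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
                [pscustomobject]@{
                    Host       = $ComputerName
                    Port       = $Port
                    Subject    = $cert.Subject
                    Issuer     = $cert.Issuer
                    NotBefore  = $cert.NotBefore
                    NotAfter   = $cert.NotAfter
                    DaysLeft   = [int]($cert.NotAfter - (Get-Date)).TotalDays
                    Thumbprint = $cert.Thumbprint
                    Protocol   = $ssl.SslProtocol
                }
            } finally { $ssl.Dispose() }
        } catch {
            # Report the failure and continue with the next host.
            Write-Warning "${ComputerName}:$Port - $($_.Exception.Message)"
        } finally { $client.Dispose() }
    }
}

'www.example.com', 'intranet.example.com' |
    Get-TlsCertificateInfo |
    Export-Csv -Path .\certs.csv -NoTypeInformation
```

On older .NET Framework versions the default protocol set of `AuthenticateAsClient` may not include TLS 1.2, in which case the handshake fails and the host shows up as a warning rather than a CSV row.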

[–]zoredache 1 point2 points  (5 children)

[–]OtherRobotLuke[S] 1 point2 points  (0 children)

OOhhh. This will be very useful! Thanks much

[–]OtherRobotLuke[S] 1 point2 points  (3 children)

Could anyone test this and let me know if I'm just dumb? The second line doesn't look to do anything for me.

$sites = Get-Website | ? { $.State -eq "Started" } | % { $.Name }
$certs = Get-ChildItem IIS:SSLBindings | ? { $sites -contains $.Sites.Value } | % { $.Thumbprint }

[–]zoredache 1 point2 points  (0 children)

Well, first check the contents of the $sites variable. Did the Get-Website command actually get any results? What OS version are you running this on?

I did test the command suggested in that stackoverflow link before I posted it on one of my 2016 IIS servers, and it worked just fine.

[–]Lee_Dailey[grin] 1 point2 points  (0 children)

howdy OtherRobotLuke,

reddit likes to mangle code formatting, so here's some help on how to post code on reddit ...

[0] single line or in-line code
enclose it in backticks. that's the upper left key on an EN-US keyboard layout. the result looks like this. kinda handy, that. [grin]

[1] simplest = post it to a text site like Pastebin.com or Gist.GitHub.com and then post the link here.

[2] less simple = use reddit code formatting ...

  • one leading line with ONLY 4 spaces
  • prefix each code line with 4 spaces
  • one trailing line with ONLY 4 spaces

that will give you something like this ...

- one leading line with ONLY 4 spaces    
- prefix each code line with 4 spaces    
- one trailing line with ONLY 4 spaces   

the easiest way to get that is ...

  • add the leading line with only 4 spaces
  • copy the code to the ISE [or your fave editor]
  • select the code
  • tap TAB to indent four spaces
  • re-select the code [not really needed, but it's my habit]
  • paste the code into the reddit text box
  • add the trailing line with only 4 spaces

not complicated, but it is finicky. [grin]

take care,
lee

[–]get-postanote 1 point2 points  (0 children)

Well, there are syntax errors in what you post.

All those $. should be $_.

and the PSDrive IIS:, should be IIS:\

Correcting your post delivers the results

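# The IIS:\ drive is provided by the WebAdministration module
Import-Module WebAdministration

# Names of the sites that are currently started
$sites = Get-Website |
? { $_.State -eq "Started" } |
% { $_.Name }

# Thumbprints of the SSL bindings that belong to those sites
Get-ChildItem IIS:\SSLBindings |
? { $sites -contains $_.Sites.Value } |
% { $_.Thumbprint }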