KS-Soft. Network Management Solutions
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister    ProfileProfile    Log inLog in 

Test for Certification Authority Certificate Expiry

 
Post new topic   Reply to topic    KS-Soft Forum Index -> Configuration, Maintenance, Troubleshooting
View previous topic :: View next topic  
Author Message
RogerSpraggon



Joined: 19 Mar 2012
Posts: 59

PostPosted: Thu Sep 19, 2019 5:58 pm    Post subject: Test for Certification Authority Certificate Expiry Reply with quote

We have an internal AD Certificate Authority server that issues certificates to AD users and computers and I'm trying to find a way to test when the Certification Authority Certificate expires
Back to top
View user's profile Send private message
KS-Soft



Joined: 03 Apr 2002
Posts: 12792
Location: USA

PostPosted: Fri Sep 20, 2019 1:20 pm    Post subject: Reply with quote

Not sure..
What about Certificate Expiration test on port 636 (LDAP)?

If this will not work, try Shell Script test with powershell script like
Code:
$statusUnknown = "ScriptRes:Unknown:"
$statusOk      = "ScriptRes:Ok:"
$statusBad     = "ScriptRes:Bad:"
try
{
 Get-CA ca.company.com | Get-IssuedRequest -Property "CertificateTemplate" | %
 {
   $daysleft = ($_.NotAfter - (Get-Date)).days
   echo ScriptRes:Ok:$daysleft
 }
}
catch
{
  echo $statusUnknown + $_.Exception.GetType().FullName + ":" + $_.Exception.Message
}

Script uses PKI module
https://github.com/PKISolutions/PSPKI

Regards
Alex
Back to top
View user's profile Send private message Visit poster's website
RogerSpraggon



Joined: 19 Mar 2012
Posts: 59

PostPosted: Mon Sep 23, 2019 7:55 pm    Post subject: Reply with quote

The port 636 LDAP didn't work.
Started playing with the script and having trouble restricting to just the Certification Authority Certificate
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    KS-Soft Forum Index -> Configuration, Maintenance, Troubleshooting All times are GMT - 6 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group

KS-Soft Forum Index