Monitoring specific Certificate by Thumbprint

If you have information, script, utility, or idea that can be useful for HostMonitor community, you welcome to share information in this forum.
Post Reply
itelio
Posts: 129
Joined: Thu Nov 06, 2014 11:37 am

Monitoring specific Certificate by Thumbprint

Post by itelio »

Hey!

We have created a script with which you can monitor the runtime of individual certificates via Thumbprint.
Currently only the host can be specified via KS Hostmon.
Maybe this is helpful for one or the other.

Powershell Code:

Code: Select all

$statusAlive = "ScriptRes:Host is alive:"
$statusDead = "ScriptRes:No answer:"
$statusUnknown = "ScriptRes:Unknown:"
$statusNotResolved = "ScriptRes:Unknown host:"
$statusOk = "ScriptRes:Ok:"
$statusBad = "ScriptRes:Bad:"
$statusBadContents = "ScriptRes:Bad contents:"

if (!$args[0]) {
echo $statusUnknown"Computername not specified"
exit
}
if (!$args[1]) {
echo $statusUnknown"Certificate Thumbprint not specified"
exit
}

if (!$args[2]) {
echo $statusUnknown"Warningvalue not specified"


exit
}

$computername = $args[0]
$thumbprint = $args[1]
$warningvalue = $args[2]

$lifetime = invoke-command -computername $computername -scriptblock {ls $args[0]} -ArgumentList cert:\localmachine\my\$thumbprint
$lifetime = ($lifetime.notafter - (get-date)).days
if ($lifetime -gt $warningvalue) {
echo $statusOk"Certificate lifetime is "$lifetime" days"
}
elseif($lifetime -le $warningvalue){
echo $statusBad"Certificate lifetime is "$lifetime" days"
}
else {
echo $statusUnknown"StatusUnknown"
exit
}
Certificate must be located on the respective server under Certificates (local computer) - Personal - Certificates

Image

Params: SERVER THUMBPRINT DAYS (Warningvalue)

Have a nice day!
KS-Soft
Posts: 12873
Joined: Wed Apr 03, 2002 6:00 pm
Location: USA
Contact:

Re: Monitoring specific Certificate by Thumbprint

Post by KS-Soft »

Thank you

Regards
Alex
Post Reply