Thursday, August 23, 2018

get a list of certificates about to expire from PowerShell

This has hints like GET-COMMAND *CERT* for getting a list of PowerShell commands that have the word cert inside, and in saying a great many things, it eventually allowed me to figure out how to get a list of certificates that are about to expire in a Windows environment out of PowerShell. Here are the steps:

  • Run set-location cert: at the root of the C drive to change into an environment where there is a hierarchy of certificates not unlike what one sees when one types certmgr.msc at the command line in Windows 7 to spawn a dialog box for browsing certificates.
  • set-location localmachine will drill a level deeper. Do this next. At this point get-childitem should list some of the categories of certificates and you may do a set-location into any one of them and then a get-childitem inside to see the certificates. However there isn't really a need to do so.
  • get-childitem -recurse -expiringindays 42 is supposed to list all the certificates that are to expire in the next forty-two days, but I couldn't get this to work for me and I would end up with an error reading specifically "A parameter cannot be found that matches parameter name 'ExpiringInDays'", prompting the likes of get-childitem -Recurse | where { $_.notafter -le (get-date).AddDays(42) -AND $_.notafter -gt (get-date)} | select thumbprint, subject as a workaround.

 
 

Addendum 8/25/2018: get-childitem cert:\ lists the CurrentUser and LocalMachine sublocations per jdgonzalez without changing locations and I have along the same lines also found that get-childitem cert:\LocalMachine will similarly show us what is in LocalMachine.
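
An added example, not part of the original post: the workaround filter above wrapped into a reusable function that also reports which store each certificate sits in and how many days it has left. The function name Get-ExpiringCertificate and its parameters are assumptions made for illustration; it filters on NotAfter, so it does not depend on the -ExpiringInDays dynamic parameter, which the Certificate provider only offers from Windows PowerShell 3.0 onward.

```powershell
# Added example; Get-ExpiringCertificate and its parameter names are hypothetical.
function Get-ExpiringCertificate {
    [CmdletBinding()]
    param(
        # Absolute provider path, so no set-location into cert: is needed.
        [string]$StorePath = 'Cert:\LocalMachine',

        # Look-ahead window in days (42 matches the post).
        [ValidateRange(0, 3650)]
        [int]$Days = 42,

        # Also report certificates whose NotAfter is already in the past.
        [switch]$IncludeExpired
    )

    $now    = Get-Date
    $cutoff = $now.AddDays($Days)

    Get-ChildItem -Path $StorePath -Recurse |
        # The recursion also returns store containers, which have no NotAfter;
        # keep only real certificate objects.
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509Certificate2] } |
        # Same window test as the workaround: expires on or before the cutoff,
        # and (unless -IncludeExpired) has not expired yet.
        Where-Object { $_.NotAfter -le $cutoff -and ($IncludeExpired -or $_.NotAfter -gt $now) } |
        Sort-Object NotAfter |
        Select-Object @{ Name = 'Store'
                         # PSParentPath looks like '<provider>::LocalMachine\My';
                         # keep the part after '::'.
                         Expression = { ($_.PSParentPath -split '::', 2)[1] } },
                      @{ Name = 'DaysLeft'
                         # Negative for certificates that have already expired.
                         Expression = { [int][math]::Floor(($_.NotAfter - $now).TotalDays) } },
                      NotAfter, Thumbprint, Subject
}

# Certificates in every LocalMachine store that expire within 42 days.
Get-ExpiringCertificate -Days 42 | Format-Table -AutoSize

# The same window for the current user, including anything already expired.
Get-ExpiringCertificate -StorePath 'Cert:\CurrentUser' -Days 42 -IncludeExpired |
    Format-Table -AutoSize
```

The same certificate can appear under more than one store, so a thumbprint may be listed several times with different Store values.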
