Блог

Когда мы запускаем это из Планировщика задач на серверах Windows 2012R2, мы получаем отчет о просроченных ssl-сертификатах…

 $serverListpath = (Get-adcomputer -SearchBase "OU=container,DC=root,DC=com" -SearchScope Subtree -filter {name -like "*context*"} -Properties Name|select Name|where-object {$_.name -notLike "FLD*"})
#$serverlist = Get-Content -Force $serverlistpath
#$serverlist = Get-Content ".servers.txt"
$serverlist = $serverListpath.Name

foreach($server in $serverlist){
    if($server -like '#*')
    {
        continue
    }

$threshold = 45   #Number of days to look for expiring certificates
$deadline = (Get-Date).AddDays($threshold)   #Set deadline date
Invoke-Command $server { Dir Cert:LocalMachineMy } | foreach {
If ($_.NotAfter -le $deadline) { $_ | Select Issuer, Subject, NotAfter, @{Label="Expires In (Days)";Expression={($_.NotAfter - (Get-Date)).Days}} }
}|select -expandproperty Subject|out-file .output$day-ExpiringIISSSLCerts.txt -Encoding ascii -Append
}
#All Admin Servers
# Start mail send
$log = "d:batchoutput$day-ExpiringIISSSLCerts.txt"
    if(Test-Path -Path $log){

$smtpServer = "smtpserver"
$messageSubject = "Cert Check Report - "   $env:computername 
$message = New-Object System.Net.Mail.MailMessage
$message.From = "authorizedemailaddress"
$message.To.Add("myemail")
$message.Subject = $messageSubject 
$message.IsBodyHTML = $true 
$message.Body = "<head><pre>$style</pre></head>" 
$message.Body  = "Cert Check Report - "   $env:computername
$message.Body  = Get-Date
$message.Body  = "<br><b>Expiring SSL Certificates Check from "   $env:computername   "</b>"
$message.Attachments.Add($log)
$smtp = New-Object Net.Mail.SmtpClient($smtpServer) 
$smtp.Send($message)
}
$result = Get-content $log
write-host $result
 

Чего я не понимаю, так это почему это возвращает сертификаты, срок действия которых иногда НЕ истек