
PowerShell: find web server certificate expiration with context in URL


I need help with PowerShell. We need to find the server certificate expiration using PowerShell. These are WebLogic console URLs. The URLs have a context and port, like https://server:7020/context. If I browse the URL without the context, I get this error:

Error 404--Not Found
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
10.4.5 404 Not Found

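I have tried with the following code:

    Try {
        $Conn = New-Object System.Net.Sockets.TcpClient($WebsiteURL, $WebsitePort)
        Try {
            # The validation callback accepts any certificate so the handshake can complete
            $Stream = New-Object System.Net.Security.SslStream($Conn.GetStream(), $false, {
                param($sender, $certificate, $chain, $sslPolicyErrors)
                return $true
            })
            $Stream.AuthenticateAsClient($CommonName)
        } Finally {
            if ($Stream) { $Stream.Dispose() }
        }
    } Catch {
        Write-Error $_
    } Finally {
        if ($Conn) { $Conn.Close() }
    }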

If I try a server without the context, it gives the following error:

A call to SSPI failed, see inner exception.

What are the commands and options to query this in PowerShell? Any help is appreciated.


Solution

  • Using Get-RemoteSslCertificate from jstangroome you can simply run the following to return the expiration.

    (Get-RemoteSslCertificate -ComputerName server -Port 7020).NotAfter
    

    The Get-RemoteSslCertificate function:

    function Get-RemoteSslCertificate {
        # Author: jstangroome https://gist.github.com/jstangroome/5945820
        [CmdletBinding()]
        param (
            [Parameter(Mandatory=$true)]
            [string]
            $ComputerName,
        
            [int]
            $Port = 443
        )
        
        $Certificate = $null
        $TcpClient = New-Object -TypeName System.Net.Sockets.TcpClient
        try {
        
            $TcpClient.Connect($ComputerName, $Port)
            $TcpStream = $TcpClient.GetStream()
        
            # Accept any certificate: the goal is to read it (even if expired or untrusted), not to trust it
            $Callback = { param($sender, $cert, $chain, $errors) return $true }
        
            $SslStream = New-Object -TypeName System.Net.Security.SslStream -ArgumentList @($TcpStream, $true, $Callback)
            try {
        
                $SslStream.AuthenticateAsClient('')
                $Certificate = $SslStream.RemoteCertificate
        
            } finally {
                $SslStream.Dispose()
            }
        
        } finally {
            $TcpClient.Dispose()
        }
        
        if ($Certificate) {
            if ($Certificate -isnot [System.Security.Cryptography.X509Certificates.X509Certificate2]) {
                $Certificate = New-Object -TypeName System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $Certificate
            }
        
            Write-Output $Certificate
        }
    }
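
The certificate is presented during the TLS handshake on host:port, before any HTTP request path is sent, so the `/context` part of a console URL has no effect on which certificate comes back. The following is an added example, not part of the original answer or of jstangroome's gist: it takes full URLs, uses only their host and port, and reports expiry together with the validation result instead of discarding it. The function name `Get-UrlCertificateExpiry`, the `WarnDays` and `TimeoutMs` parameters and the sample URLs are assumptions made for illustration.

```powershell
# Added example: hypothetical helper, not from the original answer or the gist.
function Get-UrlCertificateExpiry {
    [CmdletBinding()]
    param (
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        [string[]] $Url,
        [int] $WarnDays = 30,     # assumed warning threshold, in days
        [int] $TimeoutMs = 5000   # assumed TCP connect timeout
    )
    process {
        foreach ($u in $Url) {
            # Only host and port matter: the handshake completes before any HTTP path is sent.
            $uri = [uri]$u
            $row = [ordered]@{ Url = $u; Subject = $null; NotAfter = $null; DaysLeft = $null
                               ExpiringSoon = $null; PolicyErrors = $null; Error = $null }
            $state = @{ Errors = $null }
            $client = New-Object System.Net.Sockets.TcpClient
            try {
                if (-not $client.ConnectAsync($uri.Host, $uri.Port).Wait($TimeoutMs)) {
                    throw "TCP connect to $($uri.Host):$($uri.Port) timed out"
                }
                # Accept any certificate so expired ones can still be read, but keep the verdict.
                $callback = {
                    param($sender, $cert, $chain, $errors)
                    $state.Errors = $errors
                    return $true
                }
                $ssl = New-Object System.Net.Security.SslStream -ArgumentList @($client.GetStream(), $false, $callback)
                try {
                    $ssl.AuthenticateAsClient($uri.Host)   # host name is used for SNI and the name check
                    # Copy the certificate before the stream is disposed.
                    $cert2 = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $ssl.RemoteCertificate
                } finally { $ssl.Dispose() }
                $row.Subject      = $cert2.Subject
                $row.NotAfter     = $cert2.NotAfter
                $row.DaysLeft     = [int][math]::Floor(($cert2.NotAfter - (Get-Date)).TotalDays)
                $row.ExpiringSoon = $row.DaysLeft -le $WarnDays
                $row.PolicyErrors = $state.Errors
            } catch {
                $row.Error = $_.Exception.GetBaseException().Message
            } finally { $client.Dispose() }
            [pscustomobject]$row
        }
    }
}

# Constructed sample input: replace with real console URLs.
'https://server:7020/context', 'https://server:7020/' | Get-UrlCertificateExpiry
```

Both sample URLs return the same certificate because they share a host and port. A `PolicyErrors` value other than `None` means the certificate was read but would not pass normal validation.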