powershell certificate windows-server-2012-r2

How can I get Trusted root certificates about to expire (60 days)


I'm trying to get trusted root certificates that will expire in 60 days. This is what I have so far:

    $getcert = Get-ChildItem -Path Cert:\LocalMachine\AuthRoot -ExpiringInDays 60
    foreach ($cert in $getcert) {

        $cert.issuer #how to get this?

        if ($cert -ne "" -and $cert.issuer -notcontains "Root CA") {
            "send notification"
            $cert.FriendlyName
        } else {
            "continue"
        }
    }

But I'm not able to get the issuer. I need it in order to exclude those created by Root CA or servers, so I can know when certs like DigiCert will expire and then send a notification (I already have mailgun configured, no need to add this part).

There is an "Issued By" property inside MMC, but I don't know how to find it through PS. Can anyone help me with it? I really appreciate any help.

Thanks, best regards.


Solution

  • Continuing from my comment, you can filter for non "Root CA" certificates by piping to Where-Object, unless this isn't the full filter purpose. So, you can do something like this instead:

    # Root certificates expiring within 60 days whose subject does not contain "Root CA"
    $Expiring_Certs = Get-ChildItem -Path Cert:\LocalMachine\AuthRoot -ExpiringInDays 60 |
        Where-Object { $_.Subject -notmatch "Root CA" }

    foreach ($Cert in $Expiring_Certs) {
        [PSCustomObject]@{
            "Friendly Name"   = $Cert.FriendlyName
            "  Cert Issuer  " = $Cert.Issuer
            "Expiration Date" = $Cert.NotAfter
        }
    }
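
An added example, not part of the original answer: the same report built from `NotAfter` directly, so each row also carries the days remaining and the thumbprint, which identifies a certificate unambiguously when `FriendlyName` is empty. The function name, its parameters and the output property names are assumptions chosen for this example.

```powershell
# Added example (not from the original post); names below are hypothetical.
function Get-ExpiringRootCertificate {
    [CmdletBinding()]
    param(
        [string]$StorePath      = 'Cert:\LocalMachine\AuthRoot',
        [int]   $Days           = 60,
        [string]$ExcludePattern = 'Root CA',   # regex matched against Subject; '' disables it
        [switch]$IncludeExpired                # also report certificates already past NotAfter
    )

    $now    = Get-Date
    $cutoff = $now.AddDays($Days)

    Get-ChildItem -Path $StorePath |
        # Skip anything in the path that is not a certificate (e.g. sub-stores)
        Where-Object { $_ -is [System.Security.Cryptography.X509Certificates.X509Certificate2] } |
        Where-Object { $_.NotAfter -le $cutoff } |
        Where-Object { $IncludeExpired -or $_.NotAfter -gt $now } |
        Where-Object { -not $ExcludePattern -or $_.Subject -notmatch $ExcludePattern } |
        ForEach-Object {
            [PSCustomObject]@{
                Subject      = $_.Subject
                Issuer       = $_.Issuer            # the "Issued By" column in MMC
                # Name comparison only; this does not verify the signature
                SelfIssued   = ($_.Subject -eq $_.Issuer)
                FriendlyName = $_.FriendlyName
                Thumbprint   = $_.Thumbprint
                NotAfter     = $_.NotAfter
                DaysLeft     = [math]::Floor(($_.NotAfter - $now).TotalDays)
            }
        } |
        Sort-Object NotAfter
}

# Build the notification text only when there is something to report
$expiring = @(Get-ExpiringRootCertificate -Days 60)
if ($expiring.Count -gt 0) {
    $body = $expiring |
        Format-Table Subject, DaysLeft, NotAfter, Thumbprint -AutoSize |
        Out-String
    $body   # pass this string to the notification step already in place
}
```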