This script has been written long ago but started using it now, not a complex logic/code but
assisted few of our teams to monitor their enviornment certificates 60 days before expiry.
here is what it does:
- Read the CSV file
- Read Cert name, expiry , alert email & Type
$CertName = $i.CertName
$Expiry = $i.Expiry
$AlertEmail = $i.AlertEmail
$Type = $i.Type
- Based on above it compares the expiry date with Today’s date & if only 60 days are remaining for expiry, it will send alert.
Attention: Cert $CertName will expire on $Expiry – $Type
Download and schedule the batch file via task scheduler to start monitoring of certs.
https://gallery.technet.microsoft.com/scriptcenter/Certificate-expiry-Alert-2f63c2d5
Please change below variables as per your enviornment:
$smtpserver = “smtp server”
$from = “CertExpiry@labtest.com”
$days = “-60”
$errormail = “vikass@labtest.com” #if script resulted in error
Note: it has been tested with date format MM/DD/YYYY
########################################################################## ## Script to Monitor Certificate expiration ## Author: Vikas Sukhija ## Date: 08-18-2014 ## ## This scripts is used for monitor expiry dates ofcritical Certificates ## Alert is sent before X days of expiry ## ########################################################################## ##########################Define Variables################################ $date1 = get-date -format d $date1 = $date1.ToString().Replace("/","-") $logs = ".\Logs" + "\" + "Processed_" + $date1 + "_.log" $path = ".\logs\" $limit = (Get-Date).AddDays(-60) #for log recycling Start-Transcript -Path $logs $date= get-date $smtpserver = "smtp server" $from = "CertExpiry@labtest.com" $days = "-60" $errormail = "vikass@labtest.com" $data=import-csv .\CertExpiry.csv foreach($i in $data) { $CertName = $i.CertName $Expiry = $i.Expiry $AlertEmail = $i.AlertEmail $Type = $i.Type write-host "$CertName - $Expiry" -foregroundcolor magenta if($Expiry -eq "not set"){ write-host "Cert expiration date is not set for $CertName" -foregroundcolor Green } else { $Expiry = get-date $Expiry $Expiry1 = ($Expiry).adddays($days) if($Expiry1 -le $date){ write-host "Cert $CertName will expire on $Expiry" -foregroundcolor red $to1 = $AlertEmail $message = new-object Net.Mail.MailMessage $smtp = new-object Net.Mail.SmtpClient($smtpserver) $message.From = $from $message.To.Add($to1) $message.bcc.ADD($errormail) $message.IsBodyHtml = $False $message.Subject = "Attention: Cert $CertName will expire on $Expiry - $Type" $smtp.Send($message) Write-host "Message Sent to $to1 for Cert $CertName" -foregroundcolor Blue } } } if ($error -ne $null) { #SMTP Relay address $msg = new-object Net.Mail.MailMessage $smtp = new-object Net.Mail.SmtpClient($smtpServer) #Mail sender $msg.From = $from #mail recipient $msg.To.Add($errormail) $msg.Subject = "Cert expiry Script error" $msg.Body = $error $smtp.Send($msg) $error.clear() } else { Write-host "no errors till now" } ########################Recycle logs ###################################### Get-ChildItem -Path $path | Where-Object { $_.CreationTime -lt $limit } | Remove-Item -recurse -Force Stop-Transcript ##############################################################################
Sukhija Vikas
Tech Wizard 
Pingback: Certificate expiry Alert | Microsoft Technologies Blog – Hari Babu Online