Certificates are a critical component of any working safe and secure Computer Community. Our collective reliance upon these small for everything from confirming our software to encrypting and securing our communications is a constant situation need. Knowing what is coming to its end, knowing the communities exposiure to issuers and knowing the strength (or weakness) of our current state are constant questions.
The CertificateToolsV1.ps1 toolkit is a deployable package which allows a Community coordinator to get notice of Certificates coming due, old certioficates, query of institutions currently associated and the quality of certificates currently on a machine. These can be by prompt while in a remote session on the computer or it can be through a ShortCut or ScheduledTask on a machine.
The following functions are provided:
- Expiring Certificates with prompt code ExpCert and optionally N
- the PrepPeriod N default is 75, N must be integer and represents days from today
- this period is chosen to allow a 60 day period between this script running through a scheduled task on a machine.
- Expiring Entity Certificates with prompt code ExpEndCert and optionally N and like ready keywords separated by comma
- the PrepPeriod N default is 75, N must be integer and represents days from today
- the Entity/Keyword prepared for Like i.e., *Microsoft*,*Vadis*,*Daddy*
- Expird Certificates with prompt code ExpdCert find and list expired certificates
- Certificates by Algorithm with prompt code CertbyAlgor with optional algorithm list Alg,alg... and optional Styles Sty,Sty,Sty
- the Algorithms can be 1 or more from this default list SHA1,SHA2,SHA256,SHA384,SHA512,MACTripleDES,MD5,RIPEMD60
-the Styles are 1 or more from this default list RSA,DSA,ECDSA
- Certificates by Entity with prompt code CertbyEnt and optionally like ready keywords separated by comma *ent*,*ent*...
- the Entity/Keyword prepared for Like i.e., *Microsoft*,*Vadis*,*Daddy*
Results are locally stored in the process \Results subfolder with a name format of "CertRvw-.txt . This form is then available to see the history of activities on the machine and when various pieces of information were available. Text files are also an easy and safe tranfer mechanism to a Community node through email for registrations, and processing for any action activities necessary.
ShortCuts or Scheduled Tasks can be set up to execute these utilities as you wish using:
%systemroot%\System32\WindowsPowerShell\v1.0\powershell.exe -executionpolicy Bypass -Windowstyle Hidden -file "c:\users\userX\YourInstallDirectory\CertificateToolsV1.ps1"
Monitoring your Computer Certificates