Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- function get-ExpiringCerts ($duedays=45,$CAlocation="Server\SubCA1") {
- $certs = @()
- $now = get-Date;
- $expirationdate = $now.AddDays($duedays)
- $CaView = New-Object -Com CertificateAuthority.View.1
- [void]$CaView.OpenConnection($CAlocation)
- $CaView.SetResultColumnCount(6)
- $index0 = $CaView.GetColumnIndex($false, "Issued Common Name")
- $index1 = $CaView.GetColumnIndex($false, "Certificate Expiration Date")
- $index2 = $CaView.GetColumnIndex($false, "Issued Email Address")
- $index3 = $CaView.GetColumnIndex($false, "Certificate Template")
- $index4 = $CaView.GetColumnIndex($false, "Request Disposition")
- $index5 = $CaView.GetColumnIndex($false, "Request ID")
- $index0, $index1, $index2, $index3, $index4, $index5 | %{$CAView.SetResultColumn($_) }
- $report = $null
- $report = @()
- $head = @'
- <Title>AI-SUBCA1 Certificate Expiration Report</Title>
- <style>
- body
- {
- background-color:#FFFFFF;
- font-family:Tahoma;
- font-size:10pt;
- }
- td, th
- {
- border:1px solid black;
- }
- th
- {
- color:white;
- background-color:#015294;
- }
- table, tr, td, th {padding: 1px; border-width: 1px; margin: 1px
- </style>
- '@
- # CVR_SORT_NONE 0
- # CVR_SEEK_EQ 1
- # CVR_SEEK_LT 2
- # CVR_SEEK_GT 16
- $index1 = $CaView.GetColumnIndex($false, "Certificate Expiration Date")
- $CAView.SetRestriction($index1,16,0,$now)
- $CAView.SetRestriction($index1,2,0,$expirationdate)
- # brief disposition code explanation:
- # 9 - pending for approval
- # 15 - CA certificate renewal
- # 16 - CA certificate chain
- # 20 - issued certificates
- # 21 - revoked certificates
- # all other - failed requests
- $CAView.SetRestriction($index4,1,0,20)
- $RowObj= $CAView.OpenView()
- $report += "<H3>Certificate Expiration Status</H3>"
- $report += "<br>"
- $report += "The following certificates are expiring in the next 45 days:"
- $report += "<br><br><style>
- table {
- border: 1px solid black;
- }
- </style><table><tr>
- <th>Request ID</th>
- <th>Common Name</th>
- <th>Days until Expiration</th>
- <th>Expiration</th>
- </tr>
- "
- while ($Rowobj.Next() -ne -1){
- $Cert = New-Object PsObject
- $ColObj = $RowObj.EnumCertViewColumn()
- [void]$ColObj.Next()
- do {
- $current = $ColObj.GetName()
- $Cert | Add-Member -MemberType NoteProperty $($ColObj.GetDisplayName()) -Value $($ColObj.GetValue(1)) -Force
- } until ($ColObj.Next() -eq -1)
- Clear-Variable ColObj
- $datediff = New-TimeSpan -Start ($now) -End ($cert."Certificate Expiration Date")
- $report += "<tr #bgcolor><td>" + $cert."Request ID" + "</td><td>" + $cert."Issued Common Name" + "</td><td>" + $dateDiff.Days + "</td><td>" + $cert."Certificate Expiration Date" +"</td></tr>"
- #"Send email to : " + $cert."Issued Email Address"
- if(($dateDiff.Days -le 35) -and ($dateDiff.Days -ge 15)){
- $report = $report -replace "#bgcolor","bgcolor='MediumOrchid'"
- }
- if(($dateDiff.Days -le 15) -and ($dateDiff.Days -ge 2)){
- $report = $report -replace "#bgcolor","bgcolor='khaki'"
- }
- if($dateDiff.Days -le 1){
- $report = $report -replace "#bgcolor","bgcolor='IndianRed'"
- }
- }
- $RowObj.Reset()
- $CaView = $null
- [GC]::Collect()
- $bodynocerts += "<H3>Certificate Status</H3><br><br>There are no cerficates expiring within the next 45 days<br><br> <br>__________________________________________________________________________________________________________<br>This message was sent by an automated system. If you believe you received this in error, or you have any questions or concerns, please contact the NIAID OEB Server Development Team at email Thank you.
- E-mail sent from $($ENV:Computername)."
- $report += "</table><br> <br> <br>__________________________________________________________________________________________________________<br>This message was sent by an automated system. If you believe you received this in error, or you have any questions or concerns, please contact the NIAID OEB Server Development Team at emali Thank you.
- E-mail sent from $($ENV:Computername)."
- $body = @"
- $Report
- "@
- $MessageBody = ConvertTo-Html -head $head -Body $body
- $MessageNoCerts = ConvertTo-Html -head $head -Body $bodynocerts
- $recipient = "@email"
- $fromemail = $Env:COMPUTERNAME + "@niaid.nih.gov"
- $server = "post.niaid.nih.gov"
- if($cert."Request ID" -eq $null)
- {
- send-mailmessage -from $fromemail -to $recipient -subject "Certificate Expiration Report" -BodyAsHTML -body ($MessageNoCerts | Out-String) -smtpServer $server
- }
- else{
- send-mailmessage -from $fromemail -to $recipient -subject "Certificate Expiration Report" -BodyAsHTML -body ($MessageBody | Out-String) -smtpServer $server
- }
- }
- get-ExpiringCerts -duedays 45 -CAlocation "SUBCA"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement