[英]Powershell find webserver certificate expiration with context in URL
need help with Powershell.需要 Powershell 的帮助。 We need to find server certificate expiration using powershell.
我们需要使用 powershell 查找服务器证书过期。 These are weblogic console Urls.
这些是 weblogic 控制台 URL。 The URLs have context and port like https://server:7020/context.
URL 具有上下文和端口,例如 https://server:7020/context。 If I browse URL without context, I get error -
如果我在没有上下文的情况下浏览 URL ,我会收到错误 -
Error 404--Not Found
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
10.4.5 404 Not Found
I have tried with following code -我试过以下代码 -
Try{
$Conn = New-Object
System.Net.Sockets.TcpClient($WebsiteURL,$WebsitePort)
Try {
$Stream = New-Object
System.Net.Security.SslStream($Conn.GetStream(),$false, {
param($sender, $certificate, $chain, $sslPolicyErrors)
return $true
})
$Stream.AuthenticateAsClient($CommonName)
If I try a server without context it gives following error -如果我尝试没有上下文的服务器,则会出现以下错误 -
A call to SSPI failed, see inner exception.
What are commands and options to query in powershell?在 powershell 中查询的命令和选项是什么? Any help is appreciated.
任何帮助表示赞赏。
Using Get-RemoteSslCertificate
from jstangroome you can simply run the following to return the expiration.使用来自 jstangroome
Get-RemoteSslCertificate
,您可以简单地运行以下命令来返回过期时间。
(Get-RemoteSslCertificate -ComputerName server -Port 7020).NotAfter
The Get-RemoteSslCertificate
function: Get-RemoteSslCertificate
function:
function Get-RemoteSslCertificate {
# Author: jstangroome https://gist.github.com/jstangroome/5945820
[CmdletBinding()]
param (
[Parameter(Mandatory=$true)]
[string]
$ComputerName,
[int]
$Port = 443
)
$Certificate = $null
$TcpClient = New-Object -TypeName System.Net.Sockets.TcpClient
try {
$TcpClient.Connect($ComputerName, $Port)
$TcpStream = $TcpClient.GetStream()
$Callback = { param($sender, $cert, $chain, $errors) return $true }
$SslStream = New-Object -TypeName System.Net.Security.SslStream -ArgumentList @($TcpStream, $true, $Callback)
try {
$SslStream.AuthenticateAsClient('')
$Certificate = $SslStream.RemoteCertificate
} finally {
$SslStream.Dispose()
}
} finally {
$TcpClient.Dispose()
}
if ($Certificate) {
if ($Certificate -isnot [System.Security.Cryptography.X509Certificates.X509Certificate2]) {
$Certificate = New-Object -TypeName System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $Certificate
}
Write-Output $Certificate
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.