修改SSL证书检查Powershell脚本以循环遍历多个站点

时间:2015-02-07 19:48:09

标签: powershell ssl

我是Powershell的新手,但我正在尝试编写一个脚本来检查多个远程网站的SSL证书到期日期。

我发现这个脚本(http://www.zerrouki.com/checkssl/)能够满足我的需求,但仅适用于单个站点。 我试图修改它以允许多个站点/检查,但是当我这样做时出现错误。我已经删除了脚本中的所有电子邮件功能,因为我将使用另一个工具来提醒即将到期的证书。我已经对要检查的URL进行了硬编码。

 <#
    Modified from Fabrice ZERROUKI - fabricezerrouki@hotmail.com Check-SSL.ps1
#>
$WebsiteURLs= @("URL1.com","URL2.com","URL3.com")
$WebsitePort=443
$CommonName=$WebsiteURL
$Threshold=120

foreach ($WebsiteURL in $WebsiteURLs){
Try{
    $Conn = New-Object System.Net.Sockets.TcpClient($WebsiteURL,$WebsitePort) 

    Try {
        $Stream = New-Object System.Net.Security.SslStream($Conn.GetStream())
        $Stream.AuthenticateAsClient($CommonName) 

        $Cert = $Stream.Get_RemoteCertificate()

        $ValidTo = [datetime]::Parse($Cert.GetExpirationDatestring())

        Write-Host "`nConnection Successfull" -ForegroundColor DarkGreen
        Write-Host "Website: $WebsiteURL"

        $ValidDays = $($ValidTo - [datetime]::Now).Days

        if ($ValidDays -lt $Threshold)
        {
        Write-Host "`nStatus: Warning (Expires in $ValidDays days)" -ForegroundColor Yellow
        Write-Host "CertExpiration: $ValidTo`n" -ForegroundColor Yellow

        }
        else
        {
        Write-Host "`nStatus: OK" -ForegroundColor DarkGreen
        Write-Host "CertExpiration: $ValidTo`n" -ForegroundColor DarkGreen
        }
    }
    Catch { Throw $_ }
    Finally { $Conn.close() }
    }
    Catch {
            Write-Host "`nError occurred connecting to $($WebsiteURL)" -ForegroundColor Yellow
            Write-Host "Website: $WebsiteURL"
            Write-Host "Status:" $_.exception.innerexception.message -ForegroundColor Yellow
            Write-Host ""

}
}

当我运行此网站($ WebsiteURLs变量中的有效网站)时,每个网站都返回:状态:身份验证失败,因为远程方已关闭传输流。

如果我只在$ WebsiteURLs变量中放置一个站点并删除foreach函数,则运行正常。

知道我可以做些什么来循环变量中的每个站点?

1 个答案:

答案 0 :(得分:1)

问题在于:

$WebsiteURLs= @("URL1.com","URL2.com","URL3.com")
$WebsitePort=443
$CommonName=$WebsiteURL

当您致电$Stream.AuthenticateAsClient($CommonName)时,它无效,因为$CommonName=$WebsiteURL正在将$commonName设置为null。当您删除循环时,我假设您按照我的方式执行了操作并将$WebsiteURLs更改为$WebsiteURL,因此您有一个值来指定$CommonName

如果您将$CommonName的声明移到循环中,它就会起作用。

$WebsiteURLs= @("URL1.com","URL2.com","URL3.com")
$WebsitePort=443
$Threshold=120

foreach ($WebsiteURL in $WebsiteURLs){
$CommonName=$WebsiteURL
Try{
    $Conn = New-Object System.Net.Sockets.TcpClient($WebsiteURL,$WebsitePort) 

    Try {
        $Stream = New-Object System.Net.Security.SslStream($Conn.GetStream())
        $Stream.AuthenticateAsClient($CommonName) 

        $Cert = $Stream.Get_RemoteCertificate()

        $ValidTo = [datetime]::Parse($Cert.GetExpirationDatestring())

        Write-Host "`nConnection Successfull" -ForegroundColor DarkGreen
        Write-Host "Website: $WebsiteURL"

        $ValidDays = $($ValidTo - [datetime]::Now).Days

        if ($ValidDays -lt $Threshold)
        {
        Write-Host "`nStatus: Warning (Expires in $ValidDays days)" -ForegroundColor Yellow
        Write-Host "CertExpiration: $ValidTo`n" -ForegroundColor Yellow

        }
        else
        {
        Write-Host "`nStatus: OK" -ForegroundColor DarkGreen
        Write-Host "CertExpiration: $ValidTo`n" -ForegroundColor DarkGreen
        }
    }
    Catch { Throw $_ }
    Finally { $Conn.close() }
    }
    Catch {
            Write-Host "`nError occurred connecting to $($WebsiteURL)" -ForegroundColor Yellow
            Write-Host "Website: $WebsiteURL"
            Write-Host "Status:" $_.exception.innerexception.message -ForegroundColor Yellow
            Write-Host ""

}
}
相关问题
最新问题