我有这段代码列出了所有本地计算机SSL证书的详细信息,并将它们存储在csv
文件中。但是,有些自签名证书使我觉得它们无用,因此我想排除它们的出现,我无法弄清它
下面是我编写的代码
$StartDate = Get-Date
$CertPath = 'Cert:\LocalMachine\'
$CertsDetail = Get-ChildItem -Path $CertPath -Recurse | Where-Object {
$_.PsIsContainer -ne $true} | ForEach-Object {
$DaysLeft = (New-TimeSpan -Start $StartDate -End $_.NotAfter).Days
if ($DaysLeft -lt 1) {
$Under30 = $true
$Expired = $true
$Text = "The Certificate is expired"
} elseif ($DaysLeft -lt 30) {
$Under30 = $true
$Expired = $false
$Text = "The Certificate is but valid about to expire"
} else {
$Under30 = $false
$Expired = $false
$Text = "The Certificate is still valid and not going soon to expire"
}
$FinalDate = Get-Date $_.NotAfter -Format 'dd/MM/yyyy hh:mm'
$Usages = ($_.Extensions | Where-Object {$_.KeyUsages}).KeyUsages
if ($Usages) {
$issuer = '{0}, {1}' -f
([regex] 'O=([^,]+)').Match($_.Issuer).Groups[1].Value,
([regex] 'CN=([^,]+)').Match($_.Issuer).Groups[1].Value
$issuer = $issuer.Trim(", ")
[PSCustomObject]@{
Text = $Text
Issuer = $issuer.TrimStart('"')
Subject = $_.Subject
ExpireDate = $FinalDate
DaysRemaining = $DaysLeft
Usages = $Usages.ToString() -replace ',', ';'
Under30Days = $Under30
Expired = $Expired
}
}
}
$CertsDetail | Where-Object {$_.DaysRemaining -lt 3650 -and $_.Usages -ne ""
} | Export-Csv -NoTypeInformation -Path 'C:\SECnology\Data\Utilities\Certificate_State.csv'
答案 0 :(得分:1)
对于自签名证书,Subject
和Issuer
字段将相同:
# Filter out self-signed certificates
Get-ChildItem -Path $CertPath -Recurse |Where { $_.Subject -ne $_.Issuer }