Checking Certificates That Are About to Expire with PowerShell

In organizations, the certificates used both for websites and for domain authentication are very important. Sometimes a small overlooked detail means that a certificate's expiry is only noticed after it has already expired. And of course the effort spent fixing it afterwards, and the stress that comes with it, are an extra cost on top.

Starting from this case, I wrote a script while thinking about how I could prevent this situation: how to send a notification with a script, or how to escalate the condition to a monitoring application in the environment such as SCOM or HPOM so that an incident is created.

With this script, for certificates in the certificate folders I specify that have 45 days or less remaining, I create a new source under Event → Application and have it generate an event with Event ID 112.

I then have the relevant monitoring applications watch for Event ID 112 so that an incident is created.

I hope it is useful to you as well.

 

#########################################################################
# Created by Enis 14/04/2015
#########################################################################

# Certificate store folders to check
$Paths = ("cert:\LocalMachine\My", "cert:\LocalMachine\root", "cert:\LocalMachine\CA")

$source = "SertifikaExpire"
$Hostbilgisi = Hostname   # host name (not used below; the message uses $env:computername)

# Create the event source in the Application log if it does not exist yet
if ([System.Diagnostics.EventLog]::SourceExists($source) -eq $false)
{
    [System.Diagnostics.EventLog]::CreateEventSource($source, "Application")
}

foreach ($Path in $Paths)
{
    # Certificates that are still valid but expire within the next 45 days
    $Exp = Get-ChildItem -Recurse -Path $Path | where { $_.NotAfter -le (Get-Date).AddDays(45) -and $_.NotAfter -gt (Get-Date) }

    foreach ($ExpireName1 in $Exp)
    {
        $ExpireName = $ExpireName1.Subject
        $ExpireDate = $ExpireName1.NotAfter

        if ($ExpireName1 -ne $null)
        {
            # Event ID 112 is the ID the monitoring application watches for.
            # Message (Turkish): "the certificate named <subject> on server <host> will expire on <date>"
            Write-EventLog -LogName Application -Source SertifikaExpire -EntryType Error -Message "$env:computername sunucusunda $ExpireName isimli sertifika $ExpireDate tarihinde expire olacaktir." -EventId 112
        }
    }
}
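The filter in the script above reports only certificates that are still valid, so a certificate that has already expired produces no event at all. The following is an added example, not part of the original script: a hypothetical helper, `Get-CertificateExpiryStatus`, that applies the same 45-day window but also labels expired certificates and returns the thumbprint and days remaining. The sample objects are constructed for illustration.

```powershell
# Added example (not from the original post): classify certificates by remaining lifetime.
function Get-CertificateExpiryStatus {
    param(
        [object[]] $Certificate = @(),   # anything exposing Subject, Thumbprint, NotAfter
        [int] $ThresholdDays = 45,       # same window as the script above
        [datetime] $Now = (Get-Date)     # injectable so the logic can be checked offline
    )
    foreach ($cert in $Certificate) {
        # Skip nulls and items that are not certificates (no NotAfter property)
        if ($null -eq $cert -or $null -eq $cert.NotAfter) { continue }

        $status = if ($cert.NotAfter -le $Now) {
            'Expired'      # the original filter leaves these out
        } elseif ($cert.NotAfter -le $Now.AddDays($ThresholdDays)) {
            'Expiring'
        } else {
            'OK'
        }

        [pscustomobject]@{
            Status     = $status
            DaysLeft   = [math]::Floor(($cert.NotAfter - $Now).TotalDays)
            NotAfter   = $cert.NotAfter
            Thumbprint = $cert.Thumbprint
            Subject    = $cert.Subject
        }
    }
}

# Constructed sample data (not real certificates)
$now = [datetime]'2015-04-14'
$sample = @(
    [pscustomobject]@{ Subject = 'CN=web.example.test';  Thumbprint = 'SAMPLE-THUMBPRINT-1'; NotAfter = $now.AddDays(10) }
    [pscustomobject]@{ Subject = 'CN=old.example.test';  Thumbprint = 'SAMPLE-THUMBPRINT-2'; NotAfter = $now.AddDays(-3) }
    [pscustomobject]@{ Subject = 'CN=root.example.test'; Thumbprint = 'SAMPLE-THUMBPRINT-3'; NotAfter = $now.AddDays(200) }
)

# Shows the expired certificate (DaysLeft -3) and the expiring one (DaysLeft 10)
Get-CertificateExpiryStatus -Certificate $sample -Now $now |
    Where-Object { $_.Status -ne 'OK' } | Sort-Object DaysLeft | Format-Table -AutoSize

# On a real host, pass the contents of the same stores the script checks:
# Get-CertificateExpiryStatus -Certificate (Get-ChildItem -Recurse -Path cert:\LocalMachine\My)
```

Including the thumbprint in the output lets the operator identify the exact certificate when several share the same subject.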

        

        

Enis Göktay
