Collecting Servers Certificate Report with PowerShell
If you are looking to gather a report about installed certificates on your servers, here is a simple script to get the work done. The script needs to be given an input file on line 125 (step #(6)), as follows:

    #(6)_.Prepare list of computers array here, TXT file has computernames
    $ServerList = 'C:\Temp\Reports\ServerList.TXT'

Make sure you have the TXT file, with the server names listed one per line as below:

    Server1
    Server2
    Server3

    <#
    .NOTES
    #=============================================
    # Script      : Certificate-Report.ps1
    # Created     : ISE 3.0
    # Author(s)   : Casey.Dedeal
    # Date        : 07/14/2020 16:22:58
    # Org         : ETC Solutions
    # File Name   : Certificate-Report.
    # Comments    :
    # Assumptions :
    #==============================================
    SYNOPSIS         : Certificate-Report.
    DESCRIPTION      : Getting certificate report
    Acknowledgements : Open license
    Limitations      : None
    Known issues     : None
    Credits          : None

    .EXAMPLE
      .\Certificate-Report.ps1

    MAP:
    -----------
    #(1)_.Add Log Vars
    #(2)_.Start transcript
    #(3)_.Function-create-ReportFolder
    #(4)_.Function write to logs
    #(5)_.Function time stamp
    #(6)_.Prepare list of computers array here, TXT file has computernames
    #(7)_.Check import file, stop if not found
    #(8)_.Function Get Cert Report
    #(9)_.Get Content now
    #(10)_.Run Array
    #(11)_.Start Looping
    #(12)_.Stop transcript
    #(13)_.Open Report Folder
    #>

    #(1)_.Add Log Vars
    $repname  = 'CERTIFICATE-REPORT'
    $logout   = $repname+'-Log.TXT'
    $csvout   = $repname+'-Log.CSV'
    $repout   = $repname+'-DETAILED.CSV'
    $traout   = $repname+'-Transcript.LOG'
    $errout   = $repname+'-ERROR.LOG'
    $now      = (Get-Date -format 'dd-MMM-yyyy-HH-mm-ss-')
    $luser    = $env:USERNAME
    $desFol   = "C:\Users\$luser\Desktop\Reports_\$repname\"
    $logTXT   = $desFol+$now+$logout
    $logCSV   = $desFol+$now+$csvout
    $repCSV   = $desFol+$now+$repout
    $scrTXT   = $desFol+$now+$traout
    $serrTXT  = $desFol+$now+$errout

    #(2)_.Start transcript
    Start-Transcript -Path $scrTXT

    #(3)_.Function-create-ReportFolder
    function Function-create-ReportFolder{
        [CmdletBinding()]
        param(
            [parameter(
                Mandatory         = $true,
                ValueFromPipeline = $true)]
            [string]$ReportPath)

        Try{
            # Create the report folder only if it does not exist yet
            if (!(Test-Path -Path $ReportPath))
            {
                New-Item -Type Directory -Path $ReportPath -ErrorAction Stop | Out-Null
            }
        }catch{
            $errormessage = $($PSItem.ToString())
            Write-Warning 'Error has occurred'
            Write-Host 'Problem FOUND:' $errormessage -ForegroundColor Red -BackgroundColor Black
        }
    }
    Function-create-ReportFolder -ReportPath $desFol

    #(4)_.Function write to logs
    function Write-Log
    {
        [CmdletBinding()]
        param(
            [Parameter()]
            [ValidateNotNullOrEmpty()]
            [string]$Message,

            [Parameter()]
            [ValidateNotNullOrEmpty()]
            [ValidateSet('Information','Warning','Error')]
            [string]$Severity = 'Information'
        )

        # Each call appends one row to the CSV log
        [pscustomobject]@{
            Time     = (Get-Date -f g)
            Message  = $Message
            Severity = $Severity
        } | Export-Csv -Path $logCSV -Append -NoTypeInformation
    }

    #(5)_.Function time stamp
    function Function-Get-TimeStamp
    {
        return '[{0:MM/dd/yy} {0:HH:mm:ss}]' -f (Get-Date)
    }

    #(6)_.Prepare list of computers array here, TXT file has computernames
    $ServerList = 'C:\Temp\Reports\ServerList.TXT'

    #(7)_.Check import file, stop if not found
    function Function-Check-CSV-Input{
        [CmdletBinding()]
        param(
            [parameter(
                Mandatory         = $true,
                ValueFromPipeline = $true)]
            [string]$ReportPath)

        Try{
            if (!(Test-Path -Path $ReportPath))
            {
                Write-Host 'Import file CANNOT be located' -ForegroundColor Yellow
                Write-Host 'Script will STOP'
                Start-Sleep -Seconds 5
                # Close the transcript and end the script
                # (the original used 'break' outside of a loop to stop here)
                Stop-Transcript | Out-Null
                exit 1
            }
        }catch{
            $errormessage = $($PSItem.ToString())
            Write-Warning 'Error has occurred'
            Write-Host 'Problem FOUND:' $errormessage -ForegroundColor Red -BackgroundColor Black
        }
    }
    Function-Check-CSV-Input -ReportPath $ServerList

    #(8)_.Function Get Cert Report
    function Function-Cert-Report
    {
        [cmdletbinding()]
        param(
            [parameter(Position=0,
                ValueFromPipeline=$true,
                ValueFromPipelineByPropertyName=$true)]
            [string]$ServerName
        )

        Begin { }
        Process
        {
            # -ErrorAction Stop turns connection failures into terminating errors,
            # so the Try/Catch in the main loop actually sees them
            $Certs = Invoke-Command -ComputerName $ServerName -ErrorAction Stop -ScriptBlock {
                Get-ChildItem "Cert:\LocalMachine\My"
            }
            $Certs | Select-Object PSComputerName,Subject,Issuer,Thumbprint,FriendlyName,NotBefore,NotAfter
        }
        End { }
    }

    #(9)_.Get Content now
    $array        = Get-Content -Path $ServerList
    $totalServers = ($array).count
    $i            = 1

    #(10)_.Run Array
    Clear-Host
    Write-Host $null
    Write-Host 'REPORT'
    Write-Host '++++++++++++++++++++++++++++++++++++++++++++++++++++++' -ForegroundColor DarkYellow
    Write-Host ' (1)_.Located total servers' $totalServers
    Write-Host ' (3)_.Script run by :' $luser
    Write-Host '++++++++++++++++++++++++++++++++++++++++++++++++++++++' -ForegroundColor DarkYellow
    Write-Host 'Report time:' -NoNewline; Function-Get-TimeStamp
    Read-Host 'Press <ENTER> to continue creating Cert report'

    #(11)_.Start Looping
    $Report = foreach ($Server in $array)
    {
        Try{
            $message1 = "($i)_.Processing server:($Server)"
            $message2 = 'Completed'
            Write-Progress -Activity "Processing:$Server " -Status "$i out of $totalServers completed"
            Write-Host $message1 -ForegroundColor Yellow
            Write-Log -Message $message1 -Severity Information

            Function-Cert-Report -ServerName $Server |
                Export-Csv -Path $repCSV -Append -NoTypeInformation

            Write-Log -Message $message2 -Severity Information
        }Catch{
            $errofile = $($PSItem.ToString())
            Write-Warning 'ERROR has occurred'
            Write-Host 'PROBLEM FOUND' $errofile -ForegroundColor Red -BackgroundColor Black
            # Log the actual error text (the original logged 'Completed' here)
            Write-Log -Message $errofile -Severity Error
        }
        $i++
    }

    #(12)_.Stop transcript
    Stop-Transcript | Out-Null

    #(13)_.Open Report Folder
    Read-Host 'Press <ENTER> to open reports folder'
    Start-Process -FilePath $desFol

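Once the report exists, the DETAILED CSV can be filtered for certificates that have expired or are close to expiry. The following is an added example, not part of the original script: the function name Get-ExpiringCertificate, its parameters, the 30-day window and the sample rows are assumptions constructed for illustration.

```powershell
# Added example (not from the original script). Get-ExpiringCertificate,
# -WarningDays and the sample rows below are hypothetical / constructed.
function Get-ExpiringCertificate {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $true)][string]$ReportPath,
        [int]$WarningDays = 30
    )
    $now = Get-Date
    foreach ($row in Import-Csv -Path $ReportPath) {
        # The CSV stores NotAfter as text; TryParse reads it with the current
        # culture and lets us skip rows that are empty or damaged.
        $notAfter = [datetime]::MinValue
        if (-not [datetime]::TryParse($row.NotAfter, [ref]$notAfter)) {
            Write-Warning "Unreadable NotAfter on $($row.PSComputerName): $($row.Thumbprint)"
            continue
        }
        if ($notAfter -ge $now.AddDays($WarningDays)) { continue }  # not due yet
        [pscustomobject]@{
            Server     = $row.PSComputerName
            Subject    = $row.Subject
            Thumbprint = $row.Thumbprint
            NotAfter   = $notAfter
            DaysLeft   = [math]::Round(($notAfter - $now).TotalDays, 1)
            Status     = if ($notAfter -lt $now) { 'Expired' } else { 'Expiring' }
        }
    }
}

# Constructed sample with the same columns the script exports.
# Last field = days until NotAfter (negative means already expired).
$sample = Join-Path ([IO.Path]::GetTempPath()) 'CERTIFICATE-REPORT-DETAILED-sample.csv'
$today  = Get-Date
$rows = foreach ($r in @(
        @('Server1', 'CN=server1.example.test', 'SAMPLE-THUMBPRINT-1', -5),
        @('Server2', 'CN=server2.example.test', 'SAMPLE-THUMBPRINT-2', 20),
        @('Server3', 'CN=server3.example.test', 'SAMPLE-THUMBPRINT-3', 400))) {
    [pscustomobject]@{
        PSComputerName = $r[0]; Subject = $r[1]; Issuer = 'CN=Example Test CA'
        Thumbprint = $r[2]; FriendlyName = ''; NotBefore = $today.AddDays(-365)
        NotAfter = $today.AddDays($r[3])
    }
}
$rows | Export-Csv -Path $sample -NoTypeInformation

Get-ExpiringCertificate -ReportPath $sample -WarningDays 30 |
    Sort-Object NotAfter | Format-Table -AutoSize
```

To use it on a real run, pass the path of the generated CERTIFICATE-REPORT-DETAILED.CSV file from the report folder as -ReportPath.
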
Good luck with your deployment, and if you need any assistance, feel free to reach out.
Azure Solutions Architect
AWS Certified Cloud Practitioner
Azure Certified Security Engineer Associate
https://simplepowershell.blogspot.com
https://cloudsec365.blogspot.com
https://msazure365.blogspot.com
https://twitter.com/Message_Talk