Check the local certificate store for expired certificates

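This script checks the local machine's personal certificate store (Cert:\LocalMachine\My) for certificates that have expired or are about to expire. For each one it finds, it writes a warning or an error entry to the Application event log.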

[codesyntax lang=”powershell”]

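# Report certificates in the local machine's personal store (Cert:\LocalMachine\My)
# that have expired or will expire soon. Each finding becomes an Application
# event log entry with source PKI and event ID 100; the entry type (Warning or
# Error) carries the severity, so monitoring rules should filter on it.
$ThresholdWarning = 60   # Days remaining at or below which a Warning is written
$ThresholdError = 30     # Days remaining at or below which an Error is written

# Register the event source. The call fails when the source already exists, so
# the error is suppressed on purpose. Suppression also hides other failures
# (registering a source needs administrative rights); in that case the
# Write-EventLog calls below will report the missing source instead.
New-EventLog -Source PKI -LogName Application -ErrorAction:SilentlyContinue

$Certs = (Get-ChildItem Cert:\LocalMachine\My)
Foreach ($Cert in $Certs){
	# Certificates whose subject ends with this OU/domain suffix are skipped.
	# NOTE(review): skipped certificates are never reported, even when expired;
	# confirm their renewal is monitored elsewhere and adjust the suffix to the
	# local directory naming.
	If ($($Cert.Subject) -notlike "*OU=Servrar, DC=domain, DC=se"){
		# Whole days until expiry; zero or negative means already expired.
		$Day = $($Cert.NotAfter - (Get-Date)).Days
		$Message =  "$($cert.Subject)`n$($cert.Issuer)`n$($cert.NotAfter) `nExpires in $Day Days"
		If ($Day -le $ThresholdError){
			Write-Eventlog -computername LocalHost -Logname 'Application' -source PKI -eventID 100 -EntryType Error -message $Message -Category 4
			#Write-Host "ERROR! `n$Message" #Debug only
		}
		ElseIf ($Day -le $ThresholdWarning){
			Write-Eventlog -computername LocalHost -Logname 'Application' -source PKI -eventID 100 -EntryType Warning -message $Message -Category 4
			#Write-Host "WARNING! `n$Message" #Debug only
		}
	}
}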

