SSL ( Secure Sockets Layer) is a digital certificate that provides an encrypted connection between server and client and authenticates a website identity. To keep user-sensitive data secure, and provide trust to users, it is very important to check SSL certificate expiration and renew them if they are due. The challenge for support team will be during the renewal activity, checking all the domains which having different certificate became critical job. To overcome the above challenge, we throught to check the powershell script to validate all the domain before and after the renewal activity. Let we discuss how to Check SSL Certificate Expiration Date in PowerShell.
In PowerShell, we can use [Net.HttpWebRequest] to make the HTTP web request to the website and get all properties associated with it, and certificate details. It will help to find the SSL certificate expiration date and other details of certificate.
The System.Net.ServicePoint is the .Net library which provides to manage the collections of ServicePoint objects. ServicePointManager returns the ServicePoint object that contains the information about the internet resource URI.
Check SSL Certificate Expiration Date
Step: 1 Get the URL properties
In the below PowerShell script lines, it uses [Net.HttpWebRequest] to create HTTP web requests to website URI and retrieve the URI properties like Address, ConnectionName, Certificate, etc… in the $webRequest variable.
1 2 3 4 5 6 |
[Net.ServicePointManager]::ServerCertificateValidationCallback = { $true } # Create Web Http request to URI $uri = "https://www.dotnet-helpers.com" $webRequest = [Net.HttpWebRequest]::Create($uri) |
Step: 2 Retrive the Certificate Start and End date
As we already having the certificate details in the $webRequest, so we can retrive the Certificate Start and end date as shown below.$webRequest.ServicePoint.Certificate gets the certificate details like issuer, Handle, and SSL certificate thumbprint. We can use the GetExpirationDateString() method to check the SSL expiration date for a website using PowerShell.
1 2 3 4 5 6 |
# Get Effective Date of the certificate $Start = $webRequest.ServicePoint.Certificate.GetEffectiveDateString() # Get Expiration Date of the certificate $End = $webRequest.ServicePoint.Certificate.GetExpirationDateString() |
Step: 3 Find the no. of Remaining days for expiration
1 2 3 4 5 6 7 8 9 |
# Calculate the no. of Dates remaining for expiration $ExpirationDays = (New-TimeSpan -Start (Get-Date) -End $end).Days # Prinit the required details Write-Host "Validating for :" $webRequest.Address Write-Host "Certificate Effective Date :" $Start Write-Host "Certificate Expiration Date :" $End Write-Host "No. of days to Expiration :" $ExpirationDays |
Full Code: Check SSL Certificate Expiration Date in PowerShell
Below full code will helps to Check SSL Certificate Expiration Date in PowerShell for single domain, if you want to have multiple urls then place all the domain in the txt file and loop the same code for validation.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 |
[Net.ServicePointManager]::ServerCertificateValidationCallback = { $true } # Create Web Http request to URI $uri = "https://www.dotnet-helpers.com" $webRequest = [Net.HttpWebRequest]::Create($uri) # Get Effective Date of the certificate $Start = $webRequest.ServicePoint.Certificate.GetEffectiveDateString() # Get Expiration Date of the certificate $End = $webRequest.ServicePoint.Certificate.GetExpirationDateString() # Calculate the no. of Dates remaining for expiration $ExpirationDays = (New-TimeSpan -Start (Get-Date) -End $end).Days # Prinit the required details Write-Host "Validating for :" $webRequest.Address Write-Host "Certificate Effective Date :" $Start Write-Host "Certificate Expiration Date :" $End Write-Host "No. of days to Expiration :" $ExpirationDays |