-1

I have a script here that will return the information I need from the certificates binded in IIS from different web servers. 

$Date = Get-Date
$servers = Get-Content C:\servers.txt

$cert = Foreach ($server in $servers) {
    Invoke-Command -ComputerName $server -ScriptBlock{
        Import-Module WebAdministration; Get-ChildItem -Path IIS:SslBindings | ForEach-Object -Process{
            if ($_.Sites)
                {
                   $certificate = Get-ChildItem -Path CERT:LocalMachine\My |
                        Where-Object -Property Thumbprint -EQ -Value $_.Thumbprint

                    [PSCustomObject]@{
                        Sites = $_.Sites.Value
                        DnsNameList = $certificate.DnsNameList
                        NotAfter = $certificate.NotAfter
                        ExpireInDays = ($certificate.NotAfter - (Get-Date)).Days}
                }
            } 
        }
    } 

$cert | Select PSComputerName, DnsNameList, NotAfter, ExpireInDays | Where-Object {$_.ExpireInDays -lt 30} | Out-File C:\results.txt

This is what the output looks like in notepad:

PSComputerName    DnsNameList    NotAfter                ExpireInDays
--------------    -----------    --------                ------------
ComputerName      {URL.com}      1/1/2050 11:59:59 PM           11744

It returns a long lists of certificates with the supporting details. What I need to do is to put the details for the certificate\s which is\are expiring within 30 days into another TXT file in order for me to parse the content or attach the file itself in an email notification.

If you think there are more other ways to work around or simplify this script, I'm very open to recommendations. Thanks in advance.

Didge
  • 13
  • 5
  • [Send-MailMessage](https://docs.microsoft.com/en-us/powershell/module/Microsoft.PowerShell.Utility/Send-MailMessage?view=powershell-5.1) – Maximilian Burszley Nov 06 '17 at 18:55
  • Well, I need to pass the data returned from the PSCustomObject. I need to validate the values from the ExpireInDays column to trigger an email alert. I do know how to construct an email alert though. I can do it in VBscript and PowerShell. – Didge Nov 06 '17 at 19:07
  • `If ($Cert.ExpireInDays -lt $condition) { ... }` – Maximilian Burszley Nov 06 '17 at 19:13
  • I tried doing that too but it only checks for the last row of data returned from PSCustomObject. – Didge Nov 06 '17 at 19:24

1 Answers1

0

Try something like this, which is taken from a script I use for a similar task:

# Note: It's usually better to filter with Where-Object and then Select-Object
$ExpiringCerts = $cert | Where-Object { $_.ExpireInDays -lt 30 } | Select-Object -Properties PSComputerName, DnsNameList, NotAfter, ExpireInDays;

if ($ExpiringCerts) {
    $MailSettings = @{
        SmtpServer = 'smtp.example.com';
        Port = 25;
        UseSsl = $false;
        Subject = 'Subject Line';
        To = 'to@example.com','other@example.com'
        From = 'from@example.com';
        Body = $ExpiringCerts | ConvertTo-Html -As Table -Fragment | Out-String;
        BodyAsHtml = $true;
    };

    Send-MailMessage @MailSettings;
}

If you really need the results as a file attachment, then you can save the output to a file and use the -Attachment parameter on Send-MailMessage. Usually for this sort of notification using the email body makes a lot more sense, however.

Bacon Bits
  • 26,878
  • 5
  • 51
  • 60
  • Thanks for this, but I do know how to write the script for sending an email. What I require for my script to do is to check the output of the `Foreach` statement, specifically the `ExpireInDays` column, and then, choose the entire row where the `ExpireInDays` value is less than or equal to 30. I can write an `if ($_.ExpireInDays -le 30) { ... }`. Is there a way that I can parse the data for that column and return the row of data where the condition is met? – Didge Nov 06 '17 at 23:03
  • @Didge Then don't save it to a text file formatted as a human readable table. That's totally useless. Use a serialization command like `Export-Csv` and `Import-Csv`, `ConvertTo-Json` and `ConvertFrom-Json`, or `Export-Clixml` and `Import-Clixml`. `ConvertTo-Json` and `Export-Clixml` can preserve some or all underlying datatypes, too. However, I don't understand why you'd need to filter the data to 30 days. Your existing script already does that. – Bacon Bits Nov 06 '17 at 23:31
  • I just looked for it and I think that will work. I'll let you know if I make it work using your suggestion. Thanks to you! – Didge Nov 07 '17 at 15:25