Share via

How to get the expiration date after a certificate deployment?

Duchemin, Dominique 2,011 Reputation points
2022-04-21T02:33:58.14+00:00

Hello,

I am looking for a process in Configuration Manager to get the expiration date on a certificate.
I just deployed a certificate and it is placed in an application folder as CA.cer.

Powershell?

Thanks,
Dom

Windows for business | Windows Server | User experience | PowerShell
Microsoft Security | Intune | Configuration Manager | Other
Answer accepted by question author
  1. Luis Rodriguez 6,231 Reputation points Microsoft Employee
    2022-04-21T08:46:08.597+00:00

    Hi @Duchemin, Dominique

    Welcome to Microsoft Q&A Platform.

    Can you try using the cmdlet "Get-ChildItem"?, for example: 

    Get-ChildItem -path cert:\LocalMachine\My | Select-Object NotAfter, Subject

    For reference: https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.security/about/about_certificate_provider?view=powershell-7.2

    I hope this helps!

    ----------

    Please don’t forget to "Accept the answer" and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    1 person found this answer helpful.
    0 comments

2 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. AllenLiu-MSFT 49,436 Reputation points Microsoft External Staff
    2022-04-22T07:28:49.26+00:00

    Hi, @Duchemin, Dominique

    Thank you for posting in Microsoft Q&A forum.

    ConfigMgr doesn't collect any information about certificate by default.
    You may start for adding this follow this article:
    http://www.sccm-tools.com/tools/vbscript/vbscript-certificates.html
    (Please Note: Since the website is not hosted by Microsoft, just for your reference.)

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.
    0 comments
  2. Limitless Technology 40,076 Reputation points
    2022-04-25T03:33:50.007+00:00

    Hello @Duchemin, Dominique

    Not sure I understand your question. System Center is not the right tool to monitor certificate expiration dates, but they need to be controlled from the CA role in Windows or using powershell.

    I can recommend the next official guide to obtain different information from the certificates installed in your environment and even export to a CSV to keep it documented.

    https://devblogs.microsoft.com/scripting/get-certificate-info-into-a-csv-by-using-powershell/

    If you query is different than this, please add more details and specifics of what has been done, and what you are are trying to achieve.

    Hope this helps with your query,

    ---------
    --If the reply is helpful, please Upvote and Accept as answer--

    1 person found this answer helpful.
    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.