How to get the expiration date after a certificate deployment?

Duchemin, Dominique 1,681 Reputation points


I am looking for a process in Configuration Manager to get the expiration date on a certificate.
I just deployed a certificate and it is placed in an application folder as CA.cer.



Windows Server PowerShell
Windows Server PowerShell
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.PowerShell: A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
4,892 questions
Microsoft Configuration Manager
{count} votes

Accepted answer
  1. Luis Rodriguez 6,136 Reputation points Microsoft Employee

    Hi @Duchemin, Dominique

    Welcome to Microsoft Q&A Platform.

    Can you try using the cmdlet "Get-ChildItem"?, for example:

    Get-ChildItem -path cert:\LocalMachine\My | Select-Object NotAfter, Subject  

    For reference:

    I hope this helps!


    Please don’t forget to "Accept the answer" and “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

    1 person found this answer helpful.
    0 comments No comments

2 additional answers

Sort by: Most helpful
  1. AllenLiu-MSFT 27,751 Reputation points Microsoft Vendor

    Hi, @Duchemin, Dominique

    Thank you for posting in Microsoft Q&A forum.

    ConfigMgr doesn't collect any information about certificate by default.
    You may start for adding this follow this article:
    (Please Note: Since the website is not hosted by Microsoft, just for your reference.)

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.
    0 comments No comments

  2. Limitless Technology 37,771 Reputation points

    Hello @Duchemin, Dominique

    Not sure I understand your question. System Center is not the right tool to monitor certificate expiration dates, but they need to be controlled from the CA role in Windows or using powershell.

    I can recommend the next official guide to obtain different information from the certificates installed in your environment and even export to a CSV to keep it documented.

    If you query is different than this, please add more details and specifics of what has been done, and what you are are trying to achieve.

    Hope this helps with your query,

    --If the reply is helpful, please Upvote and Accept as answer--

    1 person found this answer helpful.
    0 comments No comments