Friday, 9 September 2022

PKI Expired Certificate Cleanup Script

 # Date define our Certificate Retention period.

$FileName = (Get-date).ToString("dd-MM-yyyy")

 

$Date = (Get-Date).AddDays(-375).ToShortDateString()


# Store List of Certificate which need to take action.

# Disposition Values

# 20 certificate was issued

# 21 certificate is revoked

# 30 certificate request failed

# 31 certificate request is denied


$CollectRow = certutil.exe -view -restrict "Disposition=30,notbefore<=$Date" -out Requestid csv | findstr.exe /v "Issued Request ID"


foreach($DelCert in $CollectRow) {


    Certutil -deleterow $DelCert Request

    $CALog = "$DelCert Successfully Deleted"

    $CALog | Out-File "C:\CAClearLog\$FileName + CAResult-log.txt" -Append


}

Posted by at No comments:

PKI Certificate Cleanup from Issuing Authority

 <# 

.Description 

    The Script will help to delete certificate which we defined in the input file.  

#>


$ExpiredCertficates = Get-Content C:\temp\row1.txt


foreach($ExpiredCertficate in $ExpiredCertficates) {


    Certutil -deleterow $ExpiredCertficate Request


    Write-Host "Deleting Certificate $ExpiredCertficate"


}


Posted by at 1 comment:

PKI Certificate Report

<# 

.Description 

    The Script will help to fetch Certificate Expiration Date as we defined. 

#>


certutil.exe -view -restrict 'disposition=20,NotAfter<=12/1/2019' -out 'RequestID,RequesterName,NotBefore,NotAfter,Disposition,Request.RequestID,Issued Email Address' csv > C:\temp\Issued_Validation.csv


Posted by at No comments:
Subscribe to: Posts (Atom)