CertificateExpiration

1.0.1

functions/Get-CEIssuedCertificate.ps1

                                function Get-CEIssuedCertificate {

    <#

    .SYNOPSIS

        Lists issued certificates.

    .DESCRIPTION

        Lists issued certificates.

    .PARAMETER ComputerName

        The computername of the CA (automatically detects the CA name)

    .PARAMETER FQCAName

        The fully qualified name of the CA.

        Specifying this allows remote access to the target CA.

        '<Computername>\<CA Name>'

    .PARAMETER Properties

        The properties to retrieve

    .PARAMETER UseJea

        A boolean switch to use Just Enough Administration (JEA)

    .PARAMETER Credential

        A PSCredential object to use Credential instead of integrated Account with JEA

    .PARAMETER FilterTemplateName

        with this parameter you have the possibility to specify certain certificate templates as filters

    .EXAMPLE

        PS C:\> Get-CEIssuedCertificate

        Returns all issued certificates from the current computer (assumes localhost is a CA)

    .EXAMPLE

        PS C:\> Get-CEIssuedCertificate -FilterTemplateName <CertificateTemplate>,<CertificateTemplate>

        Returns all filtered issued certificates from the current computer (assumes localhost is a CA)

    .EXAMPLE

        PS C:\> Get-CEIssuedCertificate -FQCAName "ca.contoso.com\MS-CA-01"

#>

    [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSAvoidUsingEmptyCatchBlock', '')]

    [CmdletBinding()]

    param (

        [string[]]

        $ComputerName = $env:COMPUTERNAME,

        [string]

        $FQCAName,

        [String[]]

        $Properties = (

            'Issued Common Name',

            'Certificate Expiration Date',

            'Certificate Effective Date',

            'Certificate Template',

            'Issued Request ID',

            'Certificate Hash',

            'Request Disposition Message',

            'Requester Name',

            'Binary Certificate'

        ),

        [string[]]

        $FilterTemplateName,

        [switch]

        $UseJea,

        [pscredential]

        $Credential

    )

    begin {

        $configPath = (Get-ADRootDSE).configurationNamingContext

        $templates = Get-ADObject -SearchBase $configPath -LDAPFilter '(objectClass=pKICertificateTemplate)' -Properties DisplayName, msPKI-Cert-Template-OID, name

        $parameters = @{

            ArgumentList = $FQCAName, $Properties, $templates, $FilterTemplateName

        }

        if ($Credential){

            $parameters["Credential"] = $Credential

        }

        if ($ComputerName -ne $env:COMPUTERNAME) {

            $parameters["HideComputerName"] = $true

            $parameters["ComputerName"] = $ComputerName

        }

        if ($UseJea) {

            $parameters["ConfigurationName"] = 'JEA_PKI_CertificateExpiration'

            $scriptBlock = { Get-RemoteIssuedCertificate -FQCAName $args[0] -Properties $args[1] -Templates $args[2] -FilterTemplateName $args[3] }

        }

        else {

            $scriptBlock = Get-Content function:Get-RemoteIssuedCertificate

        }

    }

    process {

        Invoke-Command @parameters -ScriptBlock $scriptBlock

    }

}