Get-RemoteCert.psm1

<#
 .Synopsis
  Gets the certificate details for any website and lets the user download the certificate. This can be used to keep track of certificate details and their change history.
   
 .Description
  Gets the certificate details for any website and lets the user download the certificate. This can be used to keep track of certificate details and their change history.
   
 .Parameter URL
  The complete URL, including the https:// scheme
   
 .Example
  Get-RemoteCert -URL https://Bing.com/
  Get-RemoteCert -URL https://Bing.com/ -Export
   
#>


#------------------------------------------------------------------------------
#
#
# THIS CODE AND ANY ASSOCIATED INFORMATION ARE PROVIDED “AS IS” WITHOUT
# WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT
# LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND/OR FITNESS
# FOR A PARTICULAR PURPOSE. THE ENTIRE RISK OF USE, INABILITY TO USE, OR
# RESULTS FROM THE USE OF THIS CODE REMAINS WITH THE USER.
#
#------------------------------------------------------------------------------


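Function Get-RemoteCert {
    <#
     .Synopsis
      Reports the TLS certificate a website presents and optionally saves it to disk.

     .Description
      Sends one HTTPS request to the URL (redirects are not followed, caching is off),
      reads the certificate from the request's ServicePoint and emits one object with
      TestDate, Hostname, Thumbprint, Subject, Issuer, NotAfter, NotBefore, DNSnamelist,
      SignatureAlgorithm, Version and DaysToExpire. When the request fails, the object
      also carries an Error property; when no certificate could be read at all, Error
      is the only property.

      The output is an inventory record of what the server presented. It is not a
      trust decision: certificate validation is left at the platform default and
      this function performs no pinning or revocation check of its own.

     .Parameter URL
      Absolute https:// URL of the site to query. Other schemes only produce a warning.

     .Parameter Export
      Also write the certificate (DER encoded, public part only) to
      $home\<host>-<thumbprint>.cer.

     .Example
      Get-RemoteCert -URL https://Bing.com/
      Get-RemoteCert -URL https://Bing.com/ -Export
    #>

    Param(

        [Parameter(Mandatory=$true,
        ValueFromPipeline=$true)]
        [system.uri]$URL,

        [Parameter(Mandatory=$false)]
        [Switch]$Export

    )

    # A Process block is required for ValueFromPipeline to handle every piped URL;
    # without it only the last pipeline item is bound.
    Process {

        # Reset per item so a failure on one URL does not leak into the next.
        $err = $null
        $web_Server_res = $null

        # Certificate validation stays enabled. The override below is process-wide:
        # it would turn off validation for every HTTPS request made by this session,
        # not just this one, so it is intentionally left commented out.
        #[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$True}

        # Result object
        $Certificatedetails = New-Object -TypeName PSObject

        if ($URL.Scheme -ne 'https') {
            Write-Warning "Enter HTTPS URL"
            return
        }

        $web_server = [net.webrequest]::Create($URL)

        # No redirects: the certificate must belong to the host that was asked for.
        $web_server.AllowAutoRedirect = $false
        $web_server.CachePolicy = New-Object System.Net.Cache.RequestCachePolicy -ArgumentList ([System.Net.Cache.RequestCacheLevel]::NoCacheNoStore)

        Try {
            $web_Server_res = $web_server.GetResponse()
        }
        Catch {
            $err = $_
        }
        Finally {
            # GetResponse() throws on HTTP error statuses and on handshake failures,
            # leaving no response object; only close what actually exists.
            if ($null -ne $web_Server_res) { $web_Server_res.Close() }
        }

        if ($null -ne $err) {
            # PowerShell normally wraps the .NET exception, but do not rely on it.
            if ($null -ne $err.Exception.InnerException) {
                $errMessage = $err.Exception.InnerException.Message
            }
            else {
                $errMessage = $err.Exception.Message
            }
            Write-Error $errMessage
            $Certificatedetails | Add-Member -Name Error -MemberType Noteproperty -Value $errMessage
        }

        # An HTTP-level failure (e.g. 403) can still leave a certificate here because
        # the handshake completed. NOTE(review): on runtimes where ServicePoint does
        # not expose the certificate this is $null even on success - confirm on the
        # PowerShell/.NET versions you target.
        $presentedCert = $web_server.ServicePoint.Certificate
        if ($null -eq $presentedCert) {
            if ($null -eq $err) {
                $noCertMessage = "No certificate was captured for $($web_server.Address.Host)"
                Write-Error $noCertMessage
                $Certificatedetails | Add-Member -Name Error -MemberType Noteproperty -Value $noCertMessage
            }
            $Certificatedetails
            return
        }

        $Server_IP_Cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $presentedCert

        # Date of this check and time left until expiry
        $date = Get-Date
        $exp = $Server_IP_Cert.NotAfter - $date

        # Object update
        $Certificatedetails | Add-Member -Name TestDate -MemberType Noteproperty -Value $($date.ToUniversalTime())
        $Certificatedetails | Add-Member -Name Hostname -MemberType Noteproperty -Value $($web_server.Address.Host)
        $Certificatedetails | Add-Member -Name Thumbprint -MemberType Noteproperty -Value $($Server_IP_Cert.Thumbprint)
        $Certificatedetails | Add-Member -Name Subject -MemberType Noteproperty -Value $($Server_IP_Cert.Subject)
        $Certificatedetails | Add-Member -Name Issuer -MemberType Noteproperty -Value $($Server_IP_Cert.Issuer)
        $Certificatedetails | Add-Member -Name NotAfter -MemberType Noteproperty -Value $($Server_IP_Cert.NotAfter)
        $Certificatedetails | Add-Member -Name NotBefore -MemberType Noteproperty -Value $($Server_IP_Cert.NotBefore)
        $Certificatedetails | Add-Member -Name DNSnamelist -MemberType Noteproperty -Value $($Server_IP_Cert.DNSnamelist)
        $Certificatedetails | Add-Member -Name SignatureAlgorithm -MemberType Noteproperty -Value $($Server_IP_Cert.SignatureAlgorithm.FriendlyName)
        $Certificatedetails | Add-Member -Name Version -MemberType Noteproperty -Value $($Server_IP_Cert.Version)

        If ($Server_IP_Cert.NotAfter -gt $date) {
            $Certificatedetails | Add-Member -Name DaysToExpire -MemberType Noteproperty -Value $($exp.Days)
        }
        Else {
            $D2E = "Expired or not applicable: $($exp.Days)"
            $Certificatedetails | Add-Member -Name DaysToExpire -MemberType Noteproperty -Value $D2E
        }

        # Output
        $Certificatedetails

        # Export
        if ($Export) {
            Write-host "Certificate will be exported to $($home)" -ForegroundColor Green

            # X509ContentType Cert is the DER-encoded certificate only; no private key is involved.
            $certexpo = $Server_IP_Cert.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Cert)

            # The host comes from caller input (an IPv6 literal contains ':' and brackets);
            # keep it from producing an invalid or unexpected file name.
            $safeHost = $web_server.Address.Host
            foreach ($badChar in [System.IO.Path]::GetInvalidFileNameChars()) {
                $safeHost = $safeHost.Replace([string]$badChar, '_')
            }

            $outCerPath = Join-Path -Path $home -ChildPath "$($safeHost)-$($Server_IP_Cert.Thumbprint).cer"
            [io.file]::WriteAllBytes($outCerPath, $certexpo)
        }
    }

} # Func End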

# Public surface of the module: only Get-RemoteCert is exported.
Export-ModuleMember -Function 'Get-RemoteCert'