Powershell retrieving cert by Thumbprint as string versus string variable2019 Community Moderator ElectionSetting Windows PowerShell path variableHow do I concatenate strings and variables in PowerShell?Powershell remote install .exe file errors and not finding setup.iss fileHow to pass an xml element to a scriptBlock when using invoke-commandValidate certificate chain with powershellIssues with Powershell Invoke-CommandModifying SSL cert check Powershell script to loop through multiple sitesConnect remote server and execute scriptSearch for a file and assign a path as a variable as a stringPowershell script to scan for Expired SSL certificate for all server in OU not working

The (Easy) Road to Code

PTIJ: Sport in the Torah

Vector-transposing function

Professor forcing me to attend a conference, I can't afford even with 50% funding

Sort array by month and year

Giving a talk in my old university, how prominently should I tell students my salary?

Can I negotiate a patent idea for a raise, under French law?

What would be the most expensive material to an intergalactic society?

Create chunks from an array

Can multiple states demand income tax from an LLC?

Why does a car's steering wheel get lighter with increasing speed

Tabular environment - text vertically positions itself by bottom of tikz picture in adjacent cell

Short story about an infectious indestructible metal bar?

How does learning spells work when leveling a multiclass character?

Should I file my taxes? No income, unemployed, but paid 2k in student loan interest

Use Mercury as quenching liquid for swords?

Why do we call complex numbers “numbers” but we don’t consider 2-vectors numbers?

3.5% Interest Student Loan or use all of my savings on Tuition?

Has a sovereign Communist government ever run, and conceded loss, on a fair election?

What is the purpose of a disclaimer like "this is not legal advice"?

I am the light that shines in the dark

Unidentified signals on FT8 frequencies

How to write a chaotic neutral protagonist and prevent my readers from thinking they are evil?

Is the differential, dp, exact or not?



Powershell retrieving cert by Thumbprint as string versus string variable



2019 Community Moderator ElectionSetting Windows PowerShell path variableHow do I concatenate strings and variables in PowerShell?Powershell remote install .exe file errors and not finding setup.iss fileHow to pass an xml element to a scriptBlock when using invoke-commandValidate certificate chain with powershellIssues with Powershell Invoke-CommandModifying SSL cert check Powershell script to loop through multiple sitesConnect remote server and execute scriptSearch for a file and assign a path as a variable as a stringPowershell script to scan for Expired SSL certificate for all server in OU not working










2















I'm trying to piece together some PowerShell code to loop through a list of servers, return some info regarding their IIS sites and bindings, and if they have an https binding, get the certificateHash and use that locate the cert by thumbprint and return its expiration date.



The problem I am having is, when i run my code below $binding.cerficateHash seems to return what I would expect, a string of the cert Hash, but when I use that certificateHash property to try and get the cert by its thumbprint, it doesnt work... but when I take the raw string value of the certificateHash value and hardcode it, it works...



I've inspected the certificateHash.GetType() and it appears to be just a string, so i dont understand what im doing wrong, and ive tried a handful of things, with no avail, granted this is my first crack at powershell so there's lots I don't know.



$sites = Invoke-Command -ComputerName $serverName Import-Module WebAdministration; Get-ChildItem -path IIS:Sites -ErrorAction SilentlyContinue 

foreach($site in $sites)

$serverName
$site.name
$site.physicalPath

foreach($binding in $site.bindings.Collection)

$binding.protocol
$binding.bindingInformation
$binding.certificateHash
$binding.certificateStoreName

if($binding.certificateHash)

# This outputs AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
$binding.certificateHash

# this retrieves a cert and returns its expiration date, Woohooo!
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock (Get-ChildItem -path Cert:LocalMachineWebHosting

# this does not find a cert, and ive tried many things, and no dice.
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock (Get-ChildItem -path Cert:LocalMachineWebHosting

# i've tried extracting the hash via "tostring" and using that, no dice
$hash = $binding.certificateHash.ToString()
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock Where-Object $_.Thumbprint -eq $hash )[0].GetExpirationDateString()

# i've tried adding some wildcards and using the -like operator, no dice.
$hash = "*" + $binding.certificateHash + "*"
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock Where-Object $_.Thumbprint -lilke $hash )[0].GetExpirationDateString()





Example output for a site.



  • Site1

  • D:Appssite1

  • http

  • *:80:Site1-test.ourdomain.com

  • https

  • *:443:Site1-test.ourdomain.com

  • AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  • WebHosting









share|improve this question
























  • oh interesting, so when you invoke the command you are invoking it on remote machine, so you are running in the "context" of that machine. so you're saying it doesnt know what that variable is... is there a way to pass that info without hardcoding it?

    – Dylan Hayes
    2 days ago
















2















I'm trying to piece together some PowerShell code to loop through a list of servers, return some info regarding their IIS sites and bindings, and if they have an https binding, get the certificateHash and use that locate the cert by thumbprint and return its expiration date.



The problem I am having is, when i run my code below $binding.cerficateHash seems to return what I would expect, a string of the cert Hash, but when I use that certificateHash property to try and get the cert by its thumbprint, it doesnt work... but when I take the raw string value of the certificateHash value and hardcode it, it works...



I've inspected the certificateHash.GetType() and it appears to be just a string, so i dont understand what im doing wrong, and ive tried a handful of things, with no avail, granted this is my first crack at powershell so there's lots I don't know.



$sites = Invoke-Command -ComputerName $serverName Import-Module WebAdministration; Get-ChildItem -path IIS:Sites -ErrorAction SilentlyContinue 

foreach($site in $sites)

$serverName
$site.name
$site.physicalPath

foreach($binding in $site.bindings.Collection)

$binding.protocol
$binding.bindingInformation
$binding.certificateHash
$binding.certificateStoreName

if($binding.certificateHash)

# This outputs AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
$binding.certificateHash

# this retrieves a cert and returns its expiration date, Woohooo!
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock (Get-ChildItem -path Cert:LocalMachineWebHosting

# this does not find a cert, and ive tried many things, and no dice.
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock (Get-ChildItem -path Cert:LocalMachineWebHosting

# i've tried extracting the hash via "tostring" and using that, no dice
$hash = $binding.certificateHash.ToString()
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock Where-Object $_.Thumbprint -eq $hash )[0].GetExpirationDateString()

# i've tried adding some wildcards and using the -like operator, no dice.
$hash = "*" + $binding.certificateHash + "*"
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock Where-Object $_.Thumbprint -lilke $hash )[0].GetExpirationDateString()





Example output for a site.



  • Site1

  • D:Appssite1

  • http

  • *:80:Site1-test.ourdomain.com

  • https

  • *:443:Site1-test.ourdomain.com

  • AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  • WebHosting









share|improve this question
























  • oh interesting, so when you invoke the command you are invoking it on remote machine, so you are running in the "context" of that machine. so you're saying it doesnt know what that variable is... is there a way to pass that info without hardcoding it?

    – Dylan Hayes
    2 days ago














2












2








2








I'm trying to piece together some PowerShell code to loop through a list of servers, return some info regarding their IIS sites and bindings, and if they have an https binding, get the certificateHash and use that locate the cert by thumbprint and return its expiration date.



The problem I am having is, when i run my code below $binding.cerficateHash seems to return what I would expect, a string of the cert Hash, but when I use that certificateHash property to try and get the cert by its thumbprint, it doesnt work... but when I take the raw string value of the certificateHash value and hardcode it, it works...



I've inspected the certificateHash.GetType() and it appears to be just a string, so i dont understand what im doing wrong, and ive tried a handful of things, with no avail, granted this is my first crack at powershell so there's lots I don't know.



$sites = Invoke-Command -ComputerName $serverName Import-Module WebAdministration; Get-ChildItem -path IIS:Sites -ErrorAction SilentlyContinue 

foreach($site in $sites)

$serverName
$site.name
$site.physicalPath

foreach($binding in $site.bindings.Collection)

$binding.protocol
$binding.bindingInformation
$binding.certificateHash
$binding.certificateStoreName

if($binding.certificateHash)

# This outputs AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
$binding.certificateHash

# this retrieves a cert and returns its expiration date, Woohooo!
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock (Get-ChildItem -path Cert:LocalMachineWebHosting

# this does not find a cert, and ive tried many things, and no dice.
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock (Get-ChildItem -path Cert:LocalMachineWebHosting

# i've tried extracting the hash via "tostring" and using that, no dice
$hash = $binding.certificateHash.ToString()
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock Where-Object $_.Thumbprint -eq $hash )[0].GetExpirationDateString()

# i've tried adding some wildcards and using the -like operator, no dice.
$hash = "*" + $binding.certificateHash + "*"
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock Where-Object $_.Thumbprint -lilke $hash )[0].GetExpirationDateString()





Example output for a site.



  • Site1

  • D:Appssite1

  • http

  • *:80:Site1-test.ourdomain.com

  • https

  • *:443:Site1-test.ourdomain.com

  • AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  • WebHosting









share|improve this question
















I'm trying to piece together some PowerShell code to loop through a list of servers, return some info regarding their IIS sites and bindings, and if they have an https binding, get the certificateHash and use that locate the cert by thumbprint and return its expiration date.



The problem I am having is, when i run my code below $binding.cerficateHash seems to return what I would expect, a string of the cert Hash, but when I use that certificateHash property to try and get the cert by its thumbprint, it doesnt work... but when I take the raw string value of the certificateHash value and hardcode it, it works...



I've inspected the certificateHash.GetType() and it appears to be just a string, so i dont understand what im doing wrong, and ive tried a handful of things, with no avail, granted this is my first crack at powershell so there's lots I don't know.



$sites = Invoke-Command -ComputerName $serverName Import-Module WebAdministration; Get-ChildItem -path IIS:Sites -ErrorAction SilentlyContinue 

foreach($site in $sites)

$serverName
$site.name
$site.physicalPath

foreach($binding in $site.bindings.Collection)

$binding.protocol
$binding.bindingInformation
$binding.certificateHash
$binding.certificateStoreName

if($binding.certificateHash)

# This outputs AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
$binding.certificateHash

# this retrieves a cert and returns its expiration date, Woohooo!
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock (Get-ChildItem -path Cert:LocalMachineWebHosting

# this does not find a cert, and ive tried many things, and no dice.
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock (Get-ChildItem -path Cert:LocalMachineWebHosting

# i've tried extracting the hash via "tostring" and using that, no dice
$hash = $binding.certificateHash.ToString()
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock Where-Object $_.Thumbprint -eq $hash )[0].GetExpirationDateString()

# i've tried adding some wildcards and using the -like operator, no dice.
$hash = "*" + $binding.certificateHash + "*"
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock Where-Object $_.Thumbprint -lilke $hash )[0].GetExpirationDateString()





Example output for a site.



  • Site1

  • D:Appssite1

  • http

  • *:80:Site1-test.ourdomain.com

  • https

  • *:443:Site1-test.ourdomain.com

  • AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

  • WebHosting






powershell iis ssl-certificate invoke-command






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited 2 days ago







Dylan Hayes

















asked 2 days ago









Dylan HayesDylan Hayes

1,88111830




1,88111830












  • oh interesting, so when you invoke the command you are invoking it on remote machine, so you are running in the "context" of that machine. so you're saying it doesnt know what that variable is... is there a way to pass that info without hardcoding it?

    – Dylan Hayes
    2 days ago


















  • oh interesting, so when you invoke the command you are invoking it on remote machine, so you are running in the "context" of that machine. so you're saying it doesnt know what that variable is... is there a way to pass that info without hardcoding it?

    – Dylan Hayes
    2 days ago

















oh interesting, so when you invoke the command you are invoking it on remote machine, so you are running in the "context" of that machine. so you're saying it doesnt know what that variable is... is there a way to pass that info without hardcoding it?

– Dylan Hayes
2 days ago






oh interesting, so when you invoke the command you are invoking it on remote machine, so you are running in the "context" of that machine. so you're saying it doesnt know what that variable is... is there a way to pass that info without hardcoding it?

– Dylan Hayes
2 days ago













1 Answer
1






active

oldest

votes


















2














The computer you invoke the script block on doesn't know about the $binding variable in your local session. (That's also why it works when passing a literal string.)



Try passing the value as argument:



Invoke-Command -Computer $serverName -Script 
param ($hash)
(gci Cert:LocalMachineWebHosting -Arg $binding.certificateHash





share|improve this answer




















  • 1





    thank you big time! not only does that solve my issue, but i think you just helped me connect a pretty big dot when invoking commands on remote machines!

    – Dylan Hayes
    2 days ago











  • @DylanHayes Glad it worked. I never use remoting xD Good luck!

    – marsze
    2 days ago










Your Answer






StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55027044%2fpowershell-retrieving-cert-by-thumbprint-as-string-versus-string-variable%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









2














The computer you invoke the script block on doesn't know about the $binding variable in your local session. (That's also why it works when passing a literal string.)



Try passing the value as argument:



Invoke-Command -Computer $serverName -Script 
param ($hash)
(gci Cert:LocalMachineWebHosting -Arg $binding.certificateHash





share|improve this answer




















  • 1





    thank you big time! not only does that solve my issue, but i think you just helped me connect a pretty big dot when invoking commands on remote machines!

    – Dylan Hayes
    2 days ago











  • @DylanHayes Glad it worked. I never use remoting xD Good luck!

    – marsze
    2 days ago















2














The computer you invoke the script block on doesn't know about the $binding variable in your local session. (That's also why it works when passing a literal string.)



Try passing the value as argument:



Invoke-Command -Computer $serverName -Script 
param ($hash)
(gci Cert:LocalMachineWebHosting -Arg $binding.certificateHash





share|improve this answer




















  • 1





    thank you big time! not only does that solve my issue, but i think you just helped me connect a pretty big dot when invoking commands on remote machines!

    – Dylan Hayes
    2 days ago











  • @DylanHayes Glad it worked. I never use remoting xD Good luck!

    – marsze
    2 days ago













2












2








2







The computer you invoke the script block on doesn't know about the $binding variable in your local session. (That's also why it works when passing a literal string.)



Try passing the value as argument:



Invoke-Command -Computer $serverName -Script 
param ($hash)
(gci Cert:LocalMachineWebHosting -Arg $binding.certificateHash





share|improve this answer















The computer you invoke the script block on doesn't know about the $binding variable in your local session. (That's also why it works when passing a literal string.)



Try passing the value as argument:



Invoke-Command -Computer $serverName -Script 
param ($hash)
(gci Cert:LocalMachineWebHosting -Arg $binding.certificateHash






share|improve this answer














share|improve this answer



share|improve this answer








edited yesterday

























answered 2 days ago









marszemarsze

5,52732041




5,52732041







  • 1





    thank you big time! not only does that solve my issue, but i think you just helped me connect a pretty big dot when invoking commands on remote machines!

    – Dylan Hayes
    2 days ago











  • @DylanHayes Glad it worked. I never use remoting xD Good luck!

    – marsze
    2 days ago












  • 1





    thank you big time! not only does that solve my issue, but i think you just helped me connect a pretty big dot when invoking commands on remote machines!

    – Dylan Hayes
    2 days ago











  • @DylanHayes Glad it worked. I never use remoting xD Good luck!

    – marsze
    2 days ago







1




1





thank you big time! not only does that solve my issue, but i think you just helped me connect a pretty big dot when invoking commands on remote machines!

– Dylan Hayes
2 days ago





thank you big time! not only does that solve my issue, but i think you just helped me connect a pretty big dot when invoking commands on remote machines!

– Dylan Hayes
2 days ago













@DylanHayes Glad it worked. I never use remoting xD Good luck!

– marsze
2 days ago





@DylanHayes Glad it worked. I never use remoting xD Good luck!

– marsze
2 days ago



















draft saved

draft discarded
















































Thanks for contributing an answer to Stack Overflow!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55027044%2fpowershell-retrieving-cert-by-thumbprint-as-string-versus-string-variable%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

Identity Server 4 is not redirecting to Angular app after login2019 Community Moderator ElectionIdentity Server 4 and dockerIdentityserver implicit flow unauthorized_clientIdentityServer Hybrid Flow - Access Token is null after user successful loginIdentity Server to MVC client : Page Redirect After loginLogin with Steam OpenId(oidc-client-js)Identity Server 4+.NET Core 2.0 + IdentityIdentityServer4 post-login redirect not working in Edge browserCall to IdentityServer4 generates System.NullReferenceException: Object reference not set to an instance of an objectIdentityServer4 without HTTPS not workingHow to get Authorization code from identity server without login form

2005 Ahvaz unrest Contents Background Causes Casualties Aftermath See also References Navigation menue"At Least 10 Are Killed by Bombs in Iran""Iran"Archived"Arab-Iranians in Iran to make April 15 'Day of Fury'"State of Mind, State of Order: Reactions to Ethnic Unrest in the Islamic Republic of Iran.10.1111/j.1754-9469.2008.00028.x"Iran hangs Arab separatists"Iran Overview from ArchivedConstitution of the Islamic Republic of Iran"Tehran puzzled by forged 'riots' letter""Iran and its minorities: Down in the second class""Iran: Handling Of Ahvaz Unrest Could End With Televised Confessions""Bombings Rock Iran Ahead of Election""Five die in Iran ethnic clashes""Iran: Need for restraint as anniversary of unrest in Khuzestan approaches"Archived"Iranian Sunni protesters killed in clashes with security forces"Archived

Can't initialize raids on a new ASUS Prime B360M-A motherboard2019 Community Moderator ElectionSimilar to RAID config yet more like mirroring solution?Can't get motherboard serial numberWhy does the BIOS entry point start with a WBINVD instruction?UEFI performance Asus Maximus V Extreme