Powershell retrieving cert by Thumbprint as string versus string variable2019 Community Moderator ElectionSetting Windows PowerShell path variableHow do I concatenate strings and variables in PowerShell?Powershell remote install .exe file errors and not finding setup.iss fileHow to pass an xml element to a scriptBlock when using invoke-commandValidate certificate chain with powershellIssues with Powershell Invoke-CommandModifying SSL cert check Powershell script to loop through multiple sitesConnect remote server and execute scriptSearch for a file and assign a path as a variable as a stringPowershell script to scan for Expired SSL certificate for all server in OU not working
The (Easy) Road to Code
PTIJ: Sport in the Torah
Vector-transposing function
Professor forcing me to attend a conference, I can't afford even with 50% funding
Sort array by month and year
Giving a talk in my old university, how prominently should I tell students my salary?
Can I negotiate a patent idea for a raise, under French law?
What would be the most expensive material to an intergalactic society?
Create chunks from an array
Can multiple states demand income tax from an LLC?
Why does a car's steering wheel get lighter with increasing speed
Tabular environment - text vertically positions itself by bottom of tikz picture in adjacent cell
Short story about an infectious indestructible metal bar?
How does learning spells work when leveling a multiclass character?
Should I file my taxes? No income, unemployed, but paid 2k in student loan interest
Use Mercury as quenching liquid for swords?
Why do we call complex numbers “numbers” but we don’t consider 2-vectors numbers?
3.5% Interest Student Loan or use all of my savings on Tuition?
Has a sovereign Communist government ever run, and conceded loss, on a fair election?
What is the purpose of a disclaimer like "this is not legal advice"?
I am the light that shines in the dark
Unidentified signals on FT8 frequencies
How to write a chaotic neutral protagonist and prevent my readers from thinking they are evil?
Is the differential, dp, exact or not?
Powershell retrieving cert by Thumbprint as string versus string variable
2019 Community Moderator ElectionSetting Windows PowerShell path variableHow do I concatenate strings and variables in PowerShell?Powershell remote install .exe file errors and not finding setup.iss fileHow to pass an xml element to a scriptBlock when using invoke-commandValidate certificate chain with powershellIssues with Powershell Invoke-CommandModifying SSL cert check Powershell script to loop through multiple sitesConnect remote server and execute scriptSearch for a file and assign a path as a variable as a stringPowershell script to scan for Expired SSL certificate for all server in OU not working
I'm trying to piece together some PowerShell code to loop through a list of servers, return some info regarding their IIS sites and bindings, and if they have an https binding, get the certificateHash and use that locate the cert by thumbprint and return its expiration date.
The problem I am having is, when i run my code below $binding.cerficateHash seems to return what I would expect, a string of the cert Hash, but when I use that certificateHash property to try and get the cert by its thumbprint, it doesnt work... but when I take the raw string value of the certificateHash value and hardcode it, it works...
I've inspected the certificateHash.GetType() and it appears to be just a string, so i dont understand what im doing wrong, and ive tried a handful of things, with no avail, granted this is my first crack at powershell so there's lots I don't know.
$sites = Invoke-Command -ComputerName $serverName Import-Module WebAdministration; Get-ChildItem -path IIS:Sites -ErrorAction SilentlyContinue
foreach($site in $sites)
$serverName
$site.name
$site.physicalPath
foreach($binding in $site.bindings.Collection)
$binding.protocol
$binding.bindingInformation
$binding.certificateHash
$binding.certificateStoreName
if($binding.certificateHash)
# This outputs AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
$binding.certificateHash
# this retrieves a cert and returns its expiration date, Woohooo!
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock (Get-ChildItem -path Cert:LocalMachineWebHosting
# this does not find a cert, and ive tried many things, and no dice.
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock (Get-ChildItem -path Cert:LocalMachineWebHosting
# i've tried extracting the hash via "tostring" and using that, no dice
$hash = $binding.certificateHash.ToString()
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock Where-Object $_.Thumbprint -eq $hash )[0].GetExpirationDateString()
# i've tried adding some wildcards and using the -like operator, no dice.
$hash = "*" + $binding.certificateHash + "*"
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock Where-Object $_.Thumbprint -lilke $hash )[0].GetExpirationDateString()
Example output for a site.
- Site1
- D:Appssite1
- http
- *:80:Site1-test.ourdomain.com
- https
- *:443:Site1-test.ourdomain.com
- AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
- WebHosting
powershell iis ssl-certificate invoke-command
add a comment |
I'm trying to piece together some PowerShell code to loop through a list of servers, return some info regarding their IIS sites and bindings, and if they have an https binding, get the certificateHash and use that locate the cert by thumbprint and return its expiration date.
The problem I am having is, when i run my code below $binding.cerficateHash seems to return what I would expect, a string of the cert Hash, but when I use that certificateHash property to try and get the cert by its thumbprint, it doesnt work... but when I take the raw string value of the certificateHash value and hardcode it, it works...
I've inspected the certificateHash.GetType() and it appears to be just a string, so i dont understand what im doing wrong, and ive tried a handful of things, with no avail, granted this is my first crack at powershell so there's lots I don't know.
$sites = Invoke-Command -ComputerName $serverName Import-Module WebAdministration; Get-ChildItem -path IIS:Sites -ErrorAction SilentlyContinue
foreach($site in $sites)
$serverName
$site.name
$site.physicalPath
foreach($binding in $site.bindings.Collection)
$binding.protocol
$binding.bindingInformation
$binding.certificateHash
$binding.certificateStoreName
if($binding.certificateHash)
# This outputs AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
$binding.certificateHash
# this retrieves a cert and returns its expiration date, Woohooo!
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock (Get-ChildItem -path Cert:LocalMachineWebHosting
# this does not find a cert, and ive tried many things, and no dice.
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock (Get-ChildItem -path Cert:LocalMachineWebHosting
# i've tried extracting the hash via "tostring" and using that, no dice
$hash = $binding.certificateHash.ToString()
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock Where-Object $_.Thumbprint -eq $hash )[0].GetExpirationDateString()
# i've tried adding some wildcards and using the -like operator, no dice.
$hash = "*" + $binding.certificateHash + "*"
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock Where-Object $_.Thumbprint -lilke $hash )[0].GetExpirationDateString()
Example output for a site.
- Site1
- D:Appssite1
- http
- *:80:Site1-test.ourdomain.com
- https
- *:443:Site1-test.ourdomain.com
- AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
- WebHosting
powershell iis ssl-certificate invoke-command
oh interesting, so when you invoke the command you are invoking it on remote machine, so you are running in the "context" of that machine. so you're saying it doesnt know what that variable is... is there a way to pass that info without hardcoding it?
– Dylan Hayes
2 days ago
add a comment |
I'm trying to piece together some PowerShell code to loop through a list of servers, return some info regarding their IIS sites and bindings, and if they have an https binding, get the certificateHash and use that locate the cert by thumbprint and return its expiration date.
The problem I am having is, when i run my code below $binding.cerficateHash seems to return what I would expect, a string of the cert Hash, but when I use that certificateHash property to try and get the cert by its thumbprint, it doesnt work... but when I take the raw string value of the certificateHash value and hardcode it, it works...
I've inspected the certificateHash.GetType() and it appears to be just a string, so i dont understand what im doing wrong, and ive tried a handful of things, with no avail, granted this is my first crack at powershell so there's lots I don't know.
$sites = Invoke-Command -ComputerName $serverName Import-Module WebAdministration; Get-ChildItem -path IIS:Sites -ErrorAction SilentlyContinue
foreach($site in $sites)
$serverName
$site.name
$site.physicalPath
foreach($binding in $site.bindings.Collection)
$binding.protocol
$binding.bindingInformation
$binding.certificateHash
$binding.certificateStoreName
if($binding.certificateHash)
# This outputs AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
$binding.certificateHash
# this retrieves a cert and returns its expiration date, Woohooo!
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock (Get-ChildItem -path Cert:LocalMachineWebHosting
# this does not find a cert, and ive tried many things, and no dice.
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock (Get-ChildItem -path Cert:LocalMachineWebHosting
# i've tried extracting the hash via "tostring" and using that, no dice
$hash = $binding.certificateHash.ToString()
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock Where-Object $_.Thumbprint -eq $hash )[0].GetExpirationDateString()
# i've tried adding some wildcards and using the -like operator, no dice.
$hash = "*" + $binding.certificateHash + "*"
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock Where-Object $_.Thumbprint -lilke $hash )[0].GetExpirationDateString()
Example output for a site.
- Site1
- D:Appssite1
- http
- *:80:Site1-test.ourdomain.com
- https
- *:443:Site1-test.ourdomain.com
- AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
- WebHosting
powershell iis ssl-certificate invoke-command
I'm trying to piece together some PowerShell code to loop through a list of servers, return some info regarding their IIS sites and bindings, and if they have an https binding, get the certificateHash and use that locate the cert by thumbprint and return its expiration date.
The problem I am having is, when i run my code below $binding.cerficateHash seems to return what I would expect, a string of the cert Hash, but when I use that certificateHash property to try and get the cert by its thumbprint, it doesnt work... but when I take the raw string value of the certificateHash value and hardcode it, it works...
I've inspected the certificateHash.GetType() and it appears to be just a string, so i dont understand what im doing wrong, and ive tried a handful of things, with no avail, granted this is my first crack at powershell so there's lots I don't know.
$sites = Invoke-Command -ComputerName $serverName Import-Module WebAdministration; Get-ChildItem -path IIS:Sites -ErrorAction SilentlyContinue
foreach($site in $sites)
$serverName
$site.name
$site.physicalPath
foreach($binding in $site.bindings.Collection)
$binding.protocol
$binding.bindingInformation
$binding.certificateHash
$binding.certificateStoreName
if($binding.certificateHash)
# This outputs AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
$binding.certificateHash
# this retrieves a cert and returns its expiration date, Woohooo!
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock (Get-ChildItem -path Cert:LocalMachineWebHosting
# this does not find a cert, and ive tried many things, and no dice.
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock (Get-ChildItem -path Cert:LocalMachineWebHosting
# i've tried extracting the hash via "tostring" and using that, no dice
$hash = $binding.certificateHash.ToString()
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock Where-Object $_.Thumbprint -eq $hash )[0].GetExpirationDateString()
# i've tried adding some wildcards and using the -like operator, no dice.
$hash = "*" + $binding.certificateHash + "*"
Start-Job Invoke-Command -ComputerName $serverName -ScriptBlock Where-Object $_.Thumbprint -lilke $hash )[0].GetExpirationDateString()
Example output for a site.
- Site1
- D:Appssite1
- http
- *:80:Site1-test.ourdomain.com
- https
- *:443:Site1-test.ourdomain.com
- AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
- WebHosting
powershell iis ssl-certificate invoke-command
powershell iis ssl-certificate invoke-command
edited 2 days ago
Dylan Hayes
asked 2 days ago
Dylan HayesDylan Hayes
1,88111830
1,88111830
oh interesting, so when you invoke the command you are invoking it on remote machine, so you are running in the "context" of that machine. so you're saying it doesnt know what that variable is... is there a way to pass that info without hardcoding it?
– Dylan Hayes
2 days ago
add a comment |
oh interesting, so when you invoke the command you are invoking it on remote machine, so you are running in the "context" of that machine. so you're saying it doesnt know what that variable is... is there a way to pass that info without hardcoding it?
– Dylan Hayes
2 days ago
oh interesting, so when you invoke the command you are invoking it on remote machine, so you are running in the "context" of that machine. so you're saying it doesnt know what that variable is... is there a way to pass that info without hardcoding it?
– Dylan Hayes
2 days ago
oh interesting, so when you invoke the command you are invoking it on remote machine, so you are running in the "context" of that machine. so you're saying it doesnt know what that variable is... is there a way to pass that info without hardcoding it?
– Dylan Hayes
2 days ago
add a comment |
1 Answer
1
active
oldest
votes
The computer you invoke the script block on doesn't know about the $binding
variable in your local session. (That's also why it works when passing a literal string.)
Try passing the value as argument:
Invoke-Command -Computer $serverName -Script
param ($hash)
(gci Cert:LocalMachineWebHosting -Arg $binding.certificateHash
1
thank you big time! not only does that solve my issue, but i think you just helped me connect a pretty big dot when invoking commands on remote machines!
– Dylan Hayes
2 days ago
@DylanHayes Glad it worked. I never use remoting xD Good luck!
– marsze
2 days ago
add a comment |
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55027044%2fpowershell-retrieving-cert-by-thumbprint-as-string-versus-string-variable%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
The computer you invoke the script block on doesn't know about the $binding
variable in your local session. (That's also why it works when passing a literal string.)
Try passing the value as argument:
Invoke-Command -Computer $serverName -Script
param ($hash)
(gci Cert:LocalMachineWebHosting -Arg $binding.certificateHash
1
thank you big time! not only does that solve my issue, but i think you just helped me connect a pretty big dot when invoking commands on remote machines!
– Dylan Hayes
2 days ago
@DylanHayes Glad it worked. I never use remoting xD Good luck!
– marsze
2 days ago
add a comment |
The computer you invoke the script block on doesn't know about the $binding
variable in your local session. (That's also why it works when passing a literal string.)
Try passing the value as argument:
Invoke-Command -Computer $serverName -Script
param ($hash)
(gci Cert:LocalMachineWebHosting -Arg $binding.certificateHash
1
thank you big time! not only does that solve my issue, but i think you just helped me connect a pretty big dot when invoking commands on remote machines!
– Dylan Hayes
2 days ago
@DylanHayes Glad it worked. I never use remoting xD Good luck!
– marsze
2 days ago
add a comment |
The computer you invoke the script block on doesn't know about the $binding
variable in your local session. (That's also why it works when passing a literal string.)
Try passing the value as argument:
Invoke-Command -Computer $serverName -Script
param ($hash)
(gci Cert:LocalMachineWebHosting -Arg $binding.certificateHash
The computer you invoke the script block on doesn't know about the $binding
variable in your local session. (That's also why it works when passing a literal string.)
Try passing the value as argument:
Invoke-Command -Computer $serverName -Script
param ($hash)
(gci Cert:LocalMachineWebHosting -Arg $binding.certificateHash
edited yesterday
answered 2 days ago
marszemarsze
5,52732041
5,52732041
1
thank you big time! not only does that solve my issue, but i think you just helped me connect a pretty big dot when invoking commands on remote machines!
– Dylan Hayes
2 days ago
@DylanHayes Glad it worked. I never use remoting xD Good luck!
– marsze
2 days ago
add a comment |
1
thank you big time! not only does that solve my issue, but i think you just helped me connect a pretty big dot when invoking commands on remote machines!
– Dylan Hayes
2 days ago
@DylanHayes Glad it worked. I never use remoting xD Good luck!
– marsze
2 days ago
1
1
thank you big time! not only does that solve my issue, but i think you just helped me connect a pretty big dot when invoking commands on remote machines!
– Dylan Hayes
2 days ago
thank you big time! not only does that solve my issue, but i think you just helped me connect a pretty big dot when invoking commands on remote machines!
– Dylan Hayes
2 days ago
@DylanHayes Glad it worked. I never use remoting xD Good luck!
– marsze
2 days ago
@DylanHayes Glad it worked. I never use remoting xD Good luck!
– marsze
2 days ago
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55027044%2fpowershell-retrieving-cert-by-thumbprint-as-string-versus-string-variable%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
oh interesting, so when you invoke the command you are invoking it on remote machine, so you are running in the "context" of that machine. so you're saying it doesnt know what that variable is... is there a way to pass that info without hardcoding it?
– Dylan Hayes
2 days ago