Forum Discussion

Kirk_51216's avatar
Icon for Nimbostratus rankNimbostratus
Jan 18, 2012

Powershell list certificates




I am trying to list all the details for certificates used in SSL profiles using Powershell.



This is the code I am using:



Initialize-F5.iControl -hostname $g_bgip -username $user -password $pass|out-null


$g_ic = Get-F5.iControl



$certs = ($g_ic).ManagementKeyCertificate.get_certificate_list('1');


mode 1 is used for brevity - there is only 1 MANAGEMENT_MODE_WEBSERVER certificate



write-host $certs.count "Certs"


this returns a count of 1






$cert = $certs.certificate.serial_number;


write-host "Serial number is $cert"



$certs|format-list returns



is_bundled : False


file_name : /config/httpd/conf/ssl.crt/server.crt


certificate : iControl.ManagementKeyCertificateCertificateDetail



$certs.certificate.version does not return anything at all.



I tried using ManagementKeyCertificateCertificateDetail and variations of, in the $certs and $cert variables with no luck.



Can anybody see where I am going wrong?




5 Replies

  • Nevermind - I figured out it was an indexed array.

    for($i=0; $i -lt $certs.count; $i++) { 
        $certdate = $certs[$i].certificate.expiration_string; 
        $certcn = $certs[$i].certificate.subject.common_name; 
        write-host "Common Name is $certcn" 
        write-host "Expiration date is $certdate" 
    • TESTING_32412's avatar
      Icon for Nimbostratus rankNimbostratus
      Hi Can you please give the full code you have used, that would help others too.
  • Hi , 
    i wrote something with powershell that can be use.
    the script export the SSL certificates - calculate the expiration date 60 days back and send the report in table to email (if you have mail relay)
    the script : 
    Add-PSSnapin iControlSnapIn
    $f5_VA_1= "big_ip_address_no1"
    $f5_va_3 = "big_ip_address_no2"
    $f5_ams_1 = "big_ip_address_no3"
    $f5_all = @("$f5_VA_1","$f5_va_3","$f5_ams_1")
    $table = $null
    $row = $null
     Create the Report Table
    $tabName = "Table"
     Create Table object
    $table = New-Object system.Data.DataTable &8220;$tabName&8221;
     Define Columns
    $col1 = New-Object system.Data.DataColumn $ColumnName1,([string])
    $col2 = New-Object system.Data.DataColumn $ColumnName2,([string])
    $col3 = New-Object system.Data.DataColumn $ColumnName3,([string])
    $col4 = New-Object system.Data.DataColumn $ColumnName4,([string])
     $col5 = New-Object system.Data.DataColumn $ColumnName5,([string])
     Add the Columns
    $row = $null
     Create a row
            $row = $table.NewRow()
            Enter data in the row
            $row.$ColumnName1 = "$f5"
            $row.$ColumnName2 = "$certcn"
            $row.$ColumnName3 = "$certdate"
            $row.$ColumnName4 = "Please Check the Certificate Status"
            Add Row to Table
            $certcn = $null
        foreach ($f5 in $f5_all){
        <pre class="prettyprint lang-tcl">`Initialize-F5.iControl -Hostname $f5 -username admin -Password Big-IP_password
        $begin = Get-Date -UFormat &quot;%m/%d/%Y&quot;
        $now = (get-date).AddDays(-60)
        $g_ic = Get-F5.iControl
        $ErrorActionPreference = &quot;silentlycontinue&quot;
        $certs = ($g_ic).ManagementKeyCertificate.get_certificate_list('0');
            for($i=0; $i -le $certs.count; $i++) {
                $certdate = $certs[$i].certificate.expiration_string; 
                $certcn = $certs[$i].certificate.subject.common_name;
        <pre class="prettyprint lang-tcl">`    $certdate1 = ($certdate -split ' ')[0,1,3] 
        $certdate2 = $certdate1[0] +&quot; &quot; + $certdate1[1] +&quot; &quot; + $certdate1[2]
           $certdate3 = [datetime]::ParseExact($certdate2,&quot;MMM dd yyyy&quot;,$null)
           $monthdiff = ($certdate3 - [datetime]$begin).TotalDays 
        <pre class="prettyprint lang-tcl">` Get certificates from all F5 
           if($monthdiff -le 60 -and $certcn -ne $null){
            $row = $table.NewRow()
            Enter data in the row
            $row.$ColumnName1 = $f5
            $row.$ColumnName2 = &quot;$certcn&quot;
            $row.$ColumnName3 = &quot;$certdate3&quot;
            $row.$ColumnName4 = &quot;the certificate $certcn will expire in $monthdiff days&quot;
            Add Row to Table
     Send Report if Error exist
    if ($table -ne $null){
        $Header = @&quot;
    TABLE {border-width: 1px;border-style: solid;border-color: black;border-collapse: collapse;}
    TH {border-width: 1px;padding: 3px;border-style: solid;border-color: black;background-color: 6495ED;}
    TD {border-width: 1px;padding: 3px;border-style: solid;border-color: black;}
    $bodytable = $table | select $ColumnName1,$ColumnName2,$ColumnName3,$ColumnName4 | ConvertTo-Html -Head $Header  -PreContent $Pre -PostContent $Post
     only if you have mail relay
    $mailfrom=&quot;from where you get mail&quot;
    Send-MailMessage -To &quot;mailto&quot; -Subject &quot;certificates&quot; -Body &quot;$bodytable&quot;` -BodyAsHTML -SmtpServer $smtp -From $mailfrom
    Liran Ben-Abu
    DevOps Engineer at Perion network LTD.
    • Red-Erik_144667's avatar
      Icon for Nimbostratus rankNimbostratus
      Please, put the code in a readeble format. Too many HTML chars so it'0s really difficult to grab and use it. Thank You very much. Regards. Red.
    • Liran_Ben_Abu_2's avatar
      Icon for Nimbostratus rankNimbostratus
      Hi Eric, from some reason the HTML chars showing up also in Code format , if you need the code please enter to this URL Thank you a lot :]