我们正在清理我们的服务器环境,需要找到所有过期的证书并删除它们。该环境由Windows 2008 R2,Windows 2012,Windows 2012 R2服务器组成
我已经尝试了几个不起作用的已发布脚本,他们只是说完成没有输出。我尝试在stackoverflow中发布一个:Powershell Script to remove expired certificates。我也尝试了下面的一些脚本,但没有运气。使用指纹即可,但我需要摆脱所有过期的证书
'''
Get-ChildItem Cert:\ LocalMachine \ My \ D20159B7772E33A6A33E436C938C6FE764367396 |除去项目
Get-ChildItem Cert:\ LocalMachine \ My | Where-Object {$ _。Subject -match'Frode F'} | Remove-Item''''''$ today = Get-Date Get-ChildItem Cert:\ CurrentUser \ My | Where-Object NotAfter -lt $ today |除去项目
Get-ChildItem Cert:\ CurrentUser \ My | ForEach-Object -begin {$ now = get-date} -process {if($ PSItem.NotAfter -lt $ now){$ PSItem}} |除去项目 '''
我想要实现的是在列表中的所有服务器上删除所有过期的证书,利用引用文本文件中的服务器列表的foreach语句,然后熄灭并删除从昨天和更早的日期到期的所有证书
你们能想到的任何东西对我都有很大的帮助
任何帮助是极大的赞赏
您是说您正在尝试删除通过ADCS发布的本地证书或证书?
你说你已经尝试了很多样品,但是你试过这些:
Remove Local Windows Certificate Store Expired Certificates
使用此脚本,您将能够运行,检测并删除受影响的本地计算机上的所有过期证书。检查所有证书存储(用户,服务和计算机)并根据日期(运行时)检测任何过期的证书,直到运行日期为止。
下载:Remove_local_expired_v2.ps1
Script to query/delete (expired) certificates from a AD-CS (CA /PKI) database
此清理-MSPKI_Cert.ps1 PowerShell脚本包含3个用于CA(证书颁发机构)AD-CS(ActiveDirectory-CertificationAuthority)维护的功能。您可以筛选某个模板颁发的证书,如果已过期也可以删除它们!
下载:Cleanup_MSPKI_Cert_v1.2.ps1
或者使用MS powershellgallery.com的完整PKI模块
'*pki*','*certificate*' |
ForEach {Find-Module -Name $PSItem } |
Format-Table -AutoSize
# Results
Version Name Repository Description
------- ---- ---------- -----------
1.6 PKITools PSGallery Get certificates and Templates ...
3.4.1.0 PSPKI PSGallery This module contains public key ...
0.0.5 CustomPKI PSGallery Extended PKI CmdLets
3.2.0.0 xCertificate PSGallery This module includes DSC resources ...
4.5.0.0 CertificateDsc PSGallery This module includes DSC resources ...
0.0.4 SelfSignedCertificate PSGallery WARNING: This module is ...
1.0 cEprsCertificate PSGallery This module instals certificates, ...
1.0.0.1 azureVpnP2SSelfSignedCertificate PSGallery A PowerShell module to help generate ...
1.4 CertificateHealth PSGallery Certificate Health Check Module
1.5 CertificatePS PSGallery A module to enhance certificate ...
0.2.0 ExportBase64Certificate PSGallery Export certificates from the local ...
1.0 ACMEDNS01Certificate PSGallery Generate SSL Certificates using ...
0.2 Get-ADUserCertificate PSGallery simple module to get single or ....
2.1.0 RDPCertificate PSGallery A module for generating and apply....
1.0.0.2 PowerShell.X509Certificate.Utility PSGallery A PowerShell X509Certificate Utili...
1.2.5 Get-WebCertificate PSGallery This script makes an HTTPS web ...
1.0 xCertificatePrivateKeyAccess PSGallery This resource helps you manage cer...