Powershell – How to use PowerShell to find a website’s certificate

certificateiis-7.5powershellpowershell-2.0ssl-certificate

I am trying to use PowerShell to query a website and see what SSL certificate (name) it is using for HTTPS bindings. Then I would like to trace back to see what CA issued the cert.

I am having trouble querying the website to find out what SSL certificate is bound. The IIS 7.5 GUI shows a friendly name.

After I get the websites SSL certificate the plan is to use PowerShell to search the Certificate stores by FriendlyName (or thumbprint, or some other value).

Here is what I have so far:

Query store for cert info:

get-childitem cert:\LocalMachine\my | ft issuer, subject, notafter, FriendlyName

check for active bindings

get-itemproperty 'IIS:\Sites\(SITENAME)' -name bindings

I'm not sure where this information is stored, and I have no luck searching for it with PowerShell, in the web.config and applicationhost.config. Google searching has not been helpful so far.

Any info, links to information, or documentation on how certs are handled / stored in IIS is appreciated.

Best Answer

To get the site SSL binding check out: IIS:\SslBinding

You can get the binding port like this:

dir IIS:\SslBindings | ? {$_.Port -eq 1443} | Select *

The Thumbprint and Store properties will be of interest.

You can get the actual cert using:

get-item cert:\LocalMachine\$theStore\$theThumbprint

e.g.

get-item cert:\LocalMachine\My\29F025A78F537D931A8CF05B00EB81DB84160CF3 | select *

Related Solutions

Windows – How to run a PowerShell script

Launch Windows PowerShell, and wait a moment for the PS command prompt to appear
Navigate to the directory where the script lives
```
PS> cd C:\my_path\yada_yada\ (enter)
```
Execute the script:
```
PS> .\run_import_script.ps1 (enter)
```

What am I missing??

Or: you can run the PowerShell script from cmd.exe like this:

powershell -noexit "& ""C:\my_path\yada_yada\run_import_script.ps1""" (enter)

according to this blog post here

Or you could even run your PowerShell script from your C# application :-)

Asynchronously execute PowerShell scripts from your C# application

Powershell – How to comment out code in PowerShell

In PowerShell V1 there's only # to make the text after it a comment.

# This is a comment in PowerShell

In PowerShell V2 <# #> can be used for block comments and more specifically for help comments.

#REQUIRES -Version 2.0

<#
.SYNOPSIS
    A brief description of the function or script. This keyword can be used
    only once in each topic.
.DESCRIPTION
    A detailed description of the function or script. This keyword can be
    used only once in each topic.
.NOTES
    File Name      : xxxx.ps1
    Author         : J.P. Blanc (jean-paul_blanc@silogix-fr.com)
    Prerequisite   : PowerShell V2 over Vista and upper.
    Copyright 2011 - Jean Paul Blanc/Silogix
.LINK
    Script posted over:
    http://silogix.fr
.EXAMPLE
    Example 1
.EXAMPLE
    Example 2
#>
Function blabla
{}

For more explanation about .SYNOPSIS and .* see about_Comment_Based_Help.

Remark: These function comments are used by the Get-Help CmdLet and can be put before the keyword Function, or inside the {} before or after the code itself.

Best Answer

Related Solutions

Windows – How to run a PowerShell script

Powershell – How to comment out code in PowerShell

Related Topic