none
Need help to Convert PS1 to VBS RRS feed

  • Question

  • Can anyone help me to convert the following PowerShell code to VBScript? Many thanks in advance.

    $OF = [System.Security.Cryptography.X509Certificates.OpenFlags]"ReadOnly"
    $SL = [System.Security.Cryptography.X509Certificates.StoreLocation]"LocalMachine"
    $Certificates = new-object System.Security.Cryptography.X509Certificates.X509Store("\\ServerName\my",$SL)
    $Certificates.Open($OF)
    $Certificates.Certificates


    -Edatha-

    Tuesday, November 25, 2014 7:13 PM

Answers

All replies

  • There is no equivalent in VBScript.  Try using CertMgr to open the local store.

    http://msdn.microsoft.com/en-us/library/e78byta0(v=vs.110).aspx


    ¯\_(ツ)_/¯

    Tuesday, November 25, 2014 7:30 PM
  • Thanks.. How do I list the certificates using CertMgr? Basically I was using this script to list the certs which are going to expire in next 30 days. Since I have many systems which don't have PowerShell. I have to convert this to VBScript.

    Or is it possible to read the certificate information from registry using VBScript?

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\MY\Certificates


    -Edatha-

    Tuesday, November 25, 2014 7:44 PM
  • Can anyone help me to convert the following PowerShell code to VBScript?

    That statement presumes that it is possible to convert your PowerShell code to VBScript. VBScript does not have access to the .NET classes you are using in the PowerShell script, so it is not possible to simply "convert" it. As jrv noted, you may be able to get the information you need using the certmgr.exe command-line tool.


    -- Bill Stewart [Bill_Stewart]

    Tuesday, November 25, 2014 8:35 PM
    Moderator
  • OK, So how can I use certmgr to get the certs which are going to expire in 30 days?

    -Edatha-

    Tuesday, November 25, 2014 8:38 PM
  • The documentation for the tool can be found by searching.

    If the output from the executable contains the information, you will probably have to parse it.

    Alternatively, you can install PowerShell on the systems you are managing. (PowerShell 2.0 is built in from Windows 7 on.)


    -- Bill Stewart [Bill_Stewart]

    Tuesday, November 25, 2014 8:46 PM
    Moderator
  • I have seen the documentation but couldn't find any option to list the certs which expires after in 30 days. I can't install PowerShell on the computers as management wont allow it for now.

    -Edatha-

    Tuesday, November 25, 2014 8:52 PM
  • If there is not a specific option to do what you want, you may have to parse data from the output it does provide and extrapolate from it (if that is even possible - you will have to test and see).

    -- Bill Stewart [Bill_Stewart]

    Tuesday, November 25, 2014 8:59 PM
    Moderator
  • I found following command to get the details. How Do I replace current date and a date after one month using date variables in VBS?

    certutil –view –restrict "NotAfter<=December 26,2014 08:00AM,NotAfter>=November 26,2014 08:00AM" –out "RequestID,RequesterName"

    Also how to save the command result to another variable?


    -Edatha-


    • Edited by -Edatha- Tuesday, November 25, 2014 9:29 PM
    Tuesday, November 25, 2014 9:27 PM
  • It would probably be helpful to look up date manipulation in VBScript. Also, you can redirect the certutil.exe output to a temporary file and open the temporary file to parse it.

    -- Bill Stewart [Bill_Stewart]

    Tuesday, November 25, 2014 10:21 PM
    Moderator
  • What you are missing is that PowerShell can search for serts by expiration date remotely.  VBScript and CertMgr cannot really do that.


    ¯\_(ツ)_/¯

    Tuesday, November 25, 2014 11:52 PM
  • Here  is how tto do it in VBScript the easy way: http://www.example-code.com/vbscript/cert_checkExpired.asp


    ¯\_(ツ)_/¯

    Tuesday, November 25, 2014 11:55 PM
  • Tuesday, November 25, 2014 11:57 PM
  • Yes.. I have seen those articles while searching in Google, unfortunately I cannot register any dll file on the systems. This is to monitor the cert expiry of 300+ web servers. This script basically need to be run locally on system (It is run by a SCOM agent).

    -Edatha-

    Wednesday, November 26, 2014 12:48 AM
  • To get IIS certs use ADSI.

    Post in IIS forums to get the best solution:

    http://forums.iis.net

    THere are a number of ways to do this with batch files and VBSScript.


    ¯\_(ツ)_/¯

    Wednesday, November 26, 2014 1:22 AM