locked
Powershell script to remove expired cert from specific issuer RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    I'm trying to do a script to remove a cert from workstations in the Computer Personal store that is expired and from a specific issuer,

    This works fine to remove all expired certs from the store:

            $Certs = Get-ChildItem "Cert:\LocalMachine\My" -Recurse
       Foreach($Cert in $Certs) {
            If($Cert.NotAfter -lt (Get-Date)) {
                $Cert | Remove-Item
            }
        }


    This is what I've tried to add the issuer but I can't get it to work:

            $Certs = Get-ChildItem "Cert:\LocalMachine\My" -Recurse
       Foreach($Cert in $Certs) {
            If($Cert.NotAfter -lt (Get-Date) -and ($_.issuer -eq "Issuer Name") {
                $Cert | Remove-Item
            }
        }

    Additionally it would be cool to be able to also base the condition on if the Certificate was issued to the FQ host name of the client but this is less important.

    Any help in the right direction is appreciated.

    Wednesday, March 18, 2020 11:14 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote 
    Get-ChildItem Cert:\LocalMachine\My | 
    Where{
        Write-Host $_.Subject $_.NotAfter -Fore Green
        $_.Issuer -match 'dsalocal.intel.com' -and
        $_.NotAfter -lt [datetime]::Now 
    } |
    Remove-Item

    \_(ツ)_/

    Wednesday, March 18, 2020 11:32 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

    Was your issue resolved?

    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.

    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.

    If no, please reply and tell us the current situation in order to provide further help.

    Best Regards,

    Yang Yang
    Tuesday, March 24, 2020 1:56 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi,

    Was your issue resolved?

    If you resolved it using our solution, please "mark it as answer" to help other community members find the helpful reply quickly.

    If you resolve it using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.

    If no, please reply and tell us the current situation in order to provide further help.

    Best Regards,

    Yang Yang

    Monday, March 30, 2020 6:04 AM