RE: [ActiveDir] OT: Script or utility to dump certificates on a remote server?

Thu, 30 Nov 2006 00:51:59 -0800 

Steve,
    I used Alun Jones's code for SSLScan located here,
 
http://msmvps.com/blogs/alunj/archive/2006/05/14/94968.aspx
 
It's in C # but a managed to convert it to VB .Net 2.0.
Create a file containing the dns names of all your DC's (one per line)
and then run "sslscan server.txt"
The output is something like this,
 
Connecting to server: server.dns.host.name:636
Client connected.
Subject: CN=server.dns.host.name
Issuer : CN=My Internal CA Server , OU=Department, O=Company,
L=SomeTown, S=SomeState, C=XX, [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]> 
Serial : 418EA72100010005D391
Expires: 7/09/2007 6:23:49 PM
 
Regards
Russell

________________________________

From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Steve Szwejbka
Sent: Thursday, 30 November 2006 5:17 AM
To: [email protected]
Subject: [ActiveDir] OT: Script or utility to dump certificates on a
remote server?



We have certificates deployed to some unknown number of Windows (mostly
2k3, but some 2k) servers throughout the environment. The certificates
were generated via some internal root server which apparently does not
have a way to dump what certificates have been issued and when they
expire. So, I'm trying to figure out a way to remotely look at large
numbers of servers (1000+) to see which servers a) have a certificate
installed, and b) when it expires.  It doesn't appear that certutil.exe
does this type of thing for remote servers. Does anyone know of any
vbscript or vb.net calls that can be used to get this info? 

Thanks 

-Steven 

________________________________

The information contained in this e-mail and any accompanying documents
may contain information that is confidential or otherwise protected from
disclosure. If you are not the intended recipient of this message, or if
this message has been addressed to you in error, please immediately
alert the sender by reply e-mail and then delete this message, including
any attachments. Any dissemination, distribution or other use of the
contents of this message by anyone other than the intended recipient is
strictly prohibited.

Reply via email to