Fetches a host's SSL certificate and displays the cert chain info.
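# Diagnostic script: connects to a host on port 443, completes a TLS handshake
# and prints the subject of every certificate in the chain that the local
# machine builds for the server's leaf certificate.
# Exits with code 1 if the connection, handshake or chain inspection throws.

# Host whose certificate chain is inspected.
$checkHost = "www.azure.com"

# Declared up front so the finally block can close whatever was opened.
$client = $null
$sslStream = $null

try {
    # Open a TCP connection to the host on port 443.
    $client = New-Object System.Net.Sockets.TcpClient($checkHost, 443)

    # SECURITY NOTE: the validation callback { $true } accepts ANY certificate
    # (expired, self-signed, untrusted issuer, wrong host name). That is
    # deliberate here so that a broken certificate can still be inspected, but
    # this stream must never be used to send or receive application data, and
    # the callback must not be copied into production connection code.
    # Chain trust is reported separately below from the X509Chain.Build result.
    $sslStream = New-Object System.Net.Security.SslStream($client.GetStream(), $false, { $true })

    # Perform the TLS handshake, sending $checkHost as the target host name.
    $sslStream.AuthenticateAsClient($checkHost)

    # Wrap the certificate presented by the server so it can be chain-built.
    $serverCertificate = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($sslStream.RemoteCertificate)
    Write-Host "Server certificate chain for host: $checkHost"

    # The chain is rebuilt locally from the leaf certificate with the default
    # chain policy; it is not necessarily the exact set of certificates the
    # server sent during the handshake.
    $chain = New-Object System.Security.Cryptography.X509Certificates.X509Chain

    # Capture the result: previously the boolean leaked into the output as a
    # bare True/False and a failed validation was never explained.
    $chainIsValid = $chain.Build($serverCertificate)

    foreach ($element in $chain.ChainElements) {
        Write-Host $element.Certificate.Subject
    }

    if (-not $chainIsValid) {
        # Build() checks chain trust only; a host-name mismatch is NOT reported
        # here because the validation callback above ignores policy errors.
        Write-Host "WARNING: certificate chain failed validation against the local trust policy:"
        foreach ($status in $chain.ChainStatus) {
            Write-Host "  $($status.Status): $($status.StatusInformation)"
        }
    }
}
catch {
    $err = $_
    Write-Host "ERROR: $($err.Exception.Message)"
    Write-Host "`nException Detail:`n$($err.Exception.ToString())"
    Exit 1
}
finally {
    # Close the SSL stream and TCP client even when the handshake or the chain
    # build throws; the original closed them only on the success path.
    if ($sslStream) { $sslStream.Close() }
    if ($client) { $client.Close() }
}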