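function Get-CertInfoTcp {
    <#
    .SYNOPSIS
    Connects to a TCP endpoint, performs a TLS handshake and reports the certificate the server presents.

    .DESCRIPTION
    Opens a TCP connection to ComputerName:Port, authenticates as a TLS client using
    ComputerName as the target host name, and emits either a summary object
    (IssuerCN, SubjectCN, ValidFrom, ValidTo) or the X509Certificate2 itself.

    No certificate validation callback is supplied, so the platform's default validation
    applies: a certificate that is expired, untrusted or does not match ComputerName makes
    the handshake throw, and the function then emits only a warning. A summary object is
    therefore only produced for certificates that passed default validation.

    All failures are reported with Write-Warning; nothing is thrown to the caller.

    .PARAMETER ComputerName
    Host to connect to. Also used as the expected server name during the TLS handshake.

    .PARAMETER Port
    TCP port to connect to. Defaults to 443.

    .PARAMETER Timeout
    Milliseconds to wait for the TCP connection. When positive it is also applied as the
    read/write timeout of the network stream, so a peer that accepts the connection but
    never answers the handshake cannot block the call indefinitely.

    .PARAMETER ReturnCertificate
    Emit the X509Certificate2 object instead of the summary. The caller owns the returned
    object and should dispose it when finished.
    #>
    [CmdletBinding()]
    param (
        [Parameter(Position = 0, Mandatory)]
        [string] $ComputerName,

        [Parameter(Position = 1)]
        [int] $Port = 443,

        [Parameter()]
        [int] $Timeout = 3000,

        [Parameter()]
        [switch] $ReturnCertificate
    )

    # Declared up front so the finally block can release whatever was actually created.
    $tcpClient = $null
    $sslStream = $null
    $certificate = $null

    try {
        $tcpClient = New-Object -TypeName System.Net.Sockets.TcpClient

        # Asynchronous connect so the wait can be bounded by $Timeout.
        $iar = $tcpClient.BeginConnect($ComputerName, $Port, $null, $null)
        if (-not $iar.AsyncWaitHandle.WaitOne($Timeout, $false)) {
            Write-Warning 'Connection attempt timed out'
            return
        }

        $null = $tcpClient.EndConnect($iar)
        if (-not $tcpClient.Connected) {
            Write-Warning "Unable to establish connection to $ComputerName on port $Port"
            return
        }

        $tcpStream = $tcpClient.GetStream()
        if ($Timeout -gt 0) {
            # Bound the handshake I/O as well; the connect wait above does not cover it.
            $tcpStream.ReadTimeout = $Timeout
            $tcpStream.WriteTimeout = $Timeout
        }

        # leaveInnerStreamOpen = $false: disposing the SslStream also closes the network stream.
        $sslStream = New-Object -TypeName System.Net.Security.SslStream -ArgumentList ($tcpStream, $false)

        # Default validation applies here; an invalid certificate surfaces as an exception.
        $sslStream.AuthenticateAsClient($ComputerName)

        $certificate = New-Object -TypeName System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList ($sslStream.RemoteCertificate)

        if ($ReturnCertificate) {
            Write-Output $certificate
        }
        else {
            # The CN values are taken from the first component of the distinguished-name
            # string. NOTE(review): this assumes the first component is the CN and that its
            # value contains no '=' -- confirm for the certificates being surveyed.
            Write-Output ([PSCustomObject] [Ordered] @{
                IssuerCN  = $certificate.Issuer.Split(', ',[System.StringSplitOptions]::RemoveEmptyEntries)[0].Split('=')[1]
                SubjectCN = $certificate.Subject.Split(', ',[System.StringSplitOptions]::RemoveEmptyEntries)[0].Split('=')[1]
                ValidFrom = $certificate.NotBefore
                ValidTo   = $certificate.NotAfter
            })
        }
    }
    catch {
        # Method-call failures arrive wrapped, so prefer the inner exception's message,
        # but fall back to the outer one: passing $null to Write-Warning would itself fail.
        $failure = $_.Exception
        if ($null -ne $failure.InnerException) {
            $failure = $failure.InnerException
        }
        Write-Warning $failure.Message
    }
    finally {
        # Runs on success, on early return and on failure, so nothing leaks when the
        # handshake throws.
        if ($null -ne $certificate -and -not $ReturnCertificate) {
            # Only dispose a certificate that was not handed to the caller; a disposed
            # certificate is unusable once the function has returned.
            $certificate.Dispose()
        }
        if ($null -ne $sslStream) {
            $sslStream.Dispose()
        }
        if ($null -ne $tcpClient) {
            $tcpClient.Close()
        }
    }
}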