In the past two days I’ve produced a couple of scripts designed to reveal tidbits about your Exchange Server, like
serial numbers and postmaster addresses. In that vein, I’ve produced a script that will reveal information your servers Exchange certificates.
#
# Exchange server certificates script
#
# This script will list the server name, domains involved, self-signed or not, services assigned to, states, CA issuer
#
# first we need tp export the Exchange server names to a CSV file
get-exchangeserver | export-csv c:\scripts\exchservers.csv
# Now we need to loop through this to find list all certificates
$servers = import-csv c:\scripts\exchservers.csv
foreach ($line in $servers) {
$server = $line.name
Get-ExchangeCertificate -server mailtrading04 |ft certificatedomains,isselfsigned,services,status,issuer -auto
}
This script does not produce pretty output, but it can be used to help you gather certification information on your server. The best use of this script it to make sure your certificates match the URLs on the Exchange servers.
