– new HTML template
– added two informations : Root and Subordinate CA CRL expiration dates in the report

Purpose :

This project is a simple script to monitor the certificate expiration. When a certificate is about to expire (1 month), a report is sent by email

Pre-requesite :

  • Public Key Infrastructure PowerShell module (http://pspki.codeplex.com/)
  • Locate your CRL files path and names (the default path used is C:\Windows\System32\certsrv\CertEnroll)

Installation :

  • Connect on your PKI CA server (issuing CA) using RDP
  • Download and install the PKI Powershell module
  • Create the folder : C:\Scripts
  • Create a script filename C:\Scripts\adcs_exp.ps1 with the following source code:


  • Launch a powershell command prompt and execute the command : set-executionpoilicy unrestricted
  • Schedule a task with the following parameters:
    • Run whether user is logged on or not
    • Run with highest privileges
    • Trigger : Monthly / Runs on the first and third Monday every months
    • Actions : Start a program > powershell -file “C:\Scripts\adcs_exp.ps1”

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Social Media Auto Publish Powered By : XYZScripts.com
%d bloggers like this: