
function global:Get-IISWebCertificates
        .EXTERNALHELP HelperFunctions.psm1-Help.xml

        [Parameter(Mandatory = $false,
                 HelpMessage = 'Enter list of computer(s)')]
        [Alias('CN', 'Computer', 'ServerName', 'Server', 'IP', 'WebServers')]
        [Parameter(Mandatory = $false,
                 ValueFromPipeline = $true,
                 ValueFromPipelineByPropertyName = $true,
                 HelpMessage = 'Enter credentials')]

            if ($PSVersionTable.PSVersion.Major -lt 6 -and [Net.ServicePointManager]::SecurityProtocol -notmatch 'Tls12')
                Write-Verbose -Message 'Adding support for TLS 1.2'
                [Net.ServicePointManager]::SecurityProtocol += [Net.SecurityProtocolType]::Tls12
            Write-Warning -Message 'Adding TLS 1.2 to supported security protocols was unsuccessful.'

            if ($PSVersionTable.PSVersion.Major -lt 6 -and [Net.ServicePointManager]::SecurityProtocol -notmatch 'Tls13')
                Write-Verbose -Message 'Adding support for TLS 1.3'
                [Net.ServicePointManager]::SecurityProtocol += [Net.SecurityProtocolType]::Tls13
            Write-Warning -Message 'Adding TLS 1.3 to supported security protocols was unsuccessful.'

        $localComputer = Get-CimInstance -ClassName CIM_ComputerSystem -Namespace 'root\CIMv2' -Property *
        $fqdn = "{0}.{1}" -f $localComputer.DnsHostName, $localComputer.Domain

        if ($ComputerName.Count -gt 1)
            $ComputerName = $ComputerName -split ','
        elseif ($ComputerName.Count -eq 1)
            $ComputerName = $PSBoundParameters["ComputerName"]
        foreach ($Computer in $ComputerName)

            if ($Computer -ne $fqdn)
                $Params = @{
                    ComputerName = $Computer
                    ErrorAction  = 'Stop'

                if ($PSBoundParameters.ContainsKey('Credential') -and ($null -ne $PSBoundParameters["Credential"]))
                    $Params.Add('Credential', $Credential)

                    Invoke-Command @Params -ScriptBlock {
                            Import-Module -Name WebAdministration -Force -ErrorAction Stop
                                Import-Module C:\Windows\System32\WindowsPowerShell\v1.0\Modules\WebAdministration\WebAdministration.psd1 -ErrorAction Stop
                                throw "WebAdministration module could not be loaded. $($_.Exception.Message)"


                            $SSLBindings = Get-ChildItem IIS:SSLBindings | Sort-Object thumbprint -unique
                            $errorMessage = "{0}: {1}" -f $Error[0], $Error[0].InvocationInfo.PositionMessage
                            Write-Error $errorMessage -ErrorAction Continue

                        if ($SSLBindings.Count -ge 1)
                                $SSLBindings | Foreach-Object {
                                    $cert = Get-ChildItem Cert:\LocalMachine\My | `
                                    Where-Object thumbprint -Match $_.thumbprint | `
                                    Select-Object Issuer, SignatureAlgorithm, PublicKey, Subject, SerialNumber, NotBefore, NotAfter
                                        Site                = $_.sites.value
                                        CertificateHash   = $_.thumbprint
                                        Subject           = $cert.Subject
                                        Serial           = $cert.SerialNumber
                                        NotBefore            = $cert.NotBefore
                                        NotAfter            = $cert.NotAfter
                                        CertDaysRemaining = (New-TimeSpan -Start (Get-Date) -End $cert.NotAfter).Days
                                        Issuer           = $cert.Issuer
                                        KeyLength            = $cert.PublicKey.Key.Length
                                        SignatureAlgorithm = $cert.SignatureAlgorithm.FriendlyName
                                        CertificateKeyAlgorithm = $cert.PublicKey.Key.SignatureAlgorithm
                                        CertificateKeyLength = $cert.PublicKey.Key.Length
                                } #end foreach
                                $errorMessage = "{0}: {1}" -f $Error[0], $Error[0].InvocationInfo.PositionMessage
                                Write-Error $errorMessage -ErrorAction Continue
                                    Site                     = $_.sites.value
                                    CertificateHash        = "There are no certificates bound to port 443 on this site."
                                    Subject                = ""
                                    Serial                = ""
                                    NotBefore                 = ""
                                    NotAfter                = ""
                                    CertDaysRemaining        = ""
                                    Issuer                = ""
                                    KeyLength                 = ""
                                    SignatureAlgorithm        = ""
                                    CertificateKeyAlgorithm = ""
                                    CertificateKeyLength    = ""
                                $errorMessage = "{0}: {1}" -f $Error[0], $Error[0].InvocationInfo.PositionMessage
                                Write-Error $errorMessage -ErrorAction Continue

                    } #end scriptblock
                    $errorMessage = "{0}: {1}" -f $Error[0], $Error[0].InvocationInfo.PositionMessage
                    Write-Error $errorMessage -ErrorAction Continue
                    Import-Module -Name WebAdministration -Force -ErrorAction Stop
                        Import-Module C:\Windows\System32\WindowsPowerShell\v1.0\Modules\WebAdministration\WebAdministration.psd1 -ErrorAction Stop
                        throw "WebAdministration module could not be loaded. $($_.Exception.Message)"


                    $SSLBindings = Get-ChildItem IIS:SSLBindings | Sort-Object thumbprint -unique
                    $errorMessage = "{0}: {1}" -f $Error[0], $Error[0].InvocationInfo.PositionMessage
                    Write-Error $errorMessage -ErrorAction Continue

                if ($SSLBindings.Count -ge 1)
                    $SSLBindings | Foreach-Object {
                        $cert = Get-ChildItem Cert:\LocalMachine\My | `
                        Where-Object thumbprint -Match $_.thumbprint | `
                        Select-Object Issuer, SignatureAlgorithm, PublicKey, Subject, SerialNumber, NotBefore, NotAfter
                            Site                = $_.sites.value
                            CertificateHash   = $_.thumbprint
                            Subject           = $cert.Subject
                            Serial           = $cert.SerialNumber
                            NotBefore            = $cert.NotBefore
                            NotAfter            = $cert.NotAfter
                            CertDaysRemaining = (New-TimeSpan -Start (Get-Date) -End $cert.NotAfter).Days
                            Issuer           = $cert.Issuer
                            KeyLength            = $cert.PublicKey.Key.Length
                            SignatureAlgorithm = $cert.SignatureAlgorithm.FriendlyName
                            CertificateKeyAlgorithm = $cert.PublicKey.Key.SignatureAlgorithm
                            CertificateKeyLength = $cert.PublicKey.Key.Length
                    } #end foreach
                        Site                     = $_.sites.value
                        CertificateHash        = "There are no certificates bound to port 443 on this site."
                        Subject                = ""
                        Serial                = ""
                        NotBefore                 = ""
                        NotAfter                = ""
                        CertDaysRemaining        = ""
                        Issuer                = ""
                        KeyLength                 = ""
                        SignatureAlgorithm        = ""
                        CertificateKeyAlgorithm = ""
                        CertificateKeyLength    = ""
        } #end foreach webserver

    { }
}#end function Get-IISWebCertificate