tests/Test-CmCertificates.ps1
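function Test-CmCertificates {
	<#
	.SYNOPSIS
		Reports site certificates that have expired or will expire soon.
	.DESCRIPTION
		Queries dbo.vCM_SiteConfiguration for rows whose RoleName ends in
		'Certificate', reads the date that follows 'Expires:' in each row's
		Configuration text, and flags every certificate whose expiration is
		fewer than 30 days away (already-expired certificates included).
	.PARAMETER TestName
		Display name returned in the result object.
	.PARAMETER TestGroup
		Group label returned in the result object.
	.PARAMETER Description
		Description returned in the result object.
	.PARAMETER ScriptParams
		Hashtable passed through to Get-CmSqlQueryResult; its Credential entry,
		when present, supplies the user name recorded in the result.
	.OUTPUTS
		One PSCustomObject with TestName, TestGroup, TestData, Description,
		Status, Message, RunTime and Credential.
	.NOTES
		Status is PASS unless at least one certificate is inside the threshold
		(then WARNING) or an exception occurred (then ERROR). A row whose
		Configuration has no readable 'Expires:' date throws, so the whole test
		reports ERROR rather than silently passing.
	#>
	[CmdletBinding()]
	param (
		[parameter()][string] $TestName = "Site Certificate Expirations",
		[parameter()][string] $TestGroup = "operation",
		[parameter()][string] $Description = "Check certificate expiration dates",
		[parameter()][hashtable] $ScriptParams
	)
	try {
		$startTime = (Get-Date)
		#[int]$Setting = Get-CmHealthDefaultValue -KeySet "keygroup:keyname" -DataSet $CmHealthConfig
		[int]$expdays = 30
		[System.Collections.Generic.List[PSObject]]$tempdata = @() # for detailed test output to return if needed
		$stat   = "PASS" # do not change this
		$except = "WARNING" # or "FAIL"
		$msg    = "No issues found" # do not change this either
		$query = "SELECT SiteCode,RoleID,RoleName,State,Configuration,MessageID,LastEvaluatingTime,Param1 FROM dbo.vCM_SiteConfiguration where RoleName like '%Certificate'"
		Write-Verbose "submitting query"
		$res = Get-CmSqlQueryResult -Query $query -Params $ScriptParams
		Write-Verbose "returned $($res.Count) certificate records"
		$ecount = 0
		foreach ($row in $res) {
			# Flatten the multi-line Configuration text, then take what follows 'Expires:'.
			[string]$cfg = $($row.Configuration -replace "`n",",")
			[datetime]$exp = $($cfg -split 'Expires:')[1].Trim()
			Write-Verbose "expiration date is $exp"
			# A negative span (already expired) is also below the threshold.
			if ((New-TimeSpan -Start (Get-Date) -End $exp).Days -lt $expdays) {
				Write-Verbose "expiration less than $expdays days"
				$stat = $except
				$msgx = "Certificate about to expire or has expired"
				$ecount++
			} else {
				$msgx = "Valid"
			}
			$tempdata.Add(
				[pscustomobject]@{
					RoleName      = $row.RoleName
					Details       = $msgx
					Configuration = $row.Configuration
					Expiration    = $exp
				}
			)
		}
		# Escalate only when a certificate was actually flagged. Testing $res.Count
		# here raised the status whenever any certificate row existed, so a site
		# with only valid certificates never returned PASS.
		if ($ecount -gt 0) {
			$stat = $except
			$msg  = "$($ecount) of $($res.Count) certificates expired or will expire within $expdays days"
		}
	}
	catch {
		$stat = 'ERROR'
		$msg = $_.Exception.Message -join ';'
	}
	finally {
		Write-Output $([pscustomobject]@{
			TestName    = $TestName
			TestGroup   = $TestGroup
			TestData    = $tempdata
			Description = $Description
			Status      = $stat
			Message     = $msg
			RunTime     = $(Get-RunTime -BaseTime $startTime)
			# Only the account name is recorded, never the credential object itself.
			Credential  = $(if($ScriptParams.Credential){$($ScriptParams.Credential).UserName} else { $env:USERNAME })
		})
	}
}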