Add validity start/end to get-acmecertificate

Question

Add validity start/end to get-acmecertificate

boojew opened this issue 6 years ago · 3 comments

We're using ACMESharp to generate PEM files and it would be fantastic if get-acmecertificate returned the dates the certificate is valid for.

Answer 1 · 2018-08-21T16:48:18.000Z

I recommend leveraging the strengths of PWSH:

$pemPath = "$PWD\path\to\your\file.pem"
$pemBytes = [System.IO.File]::ReadAllBytes($pemPath)
$pemCert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($pemBytes)

## Get the start/end dates (or any other Cert property you care for)
$pemCert.NotBefore
$pemCert.NotAfter
$pemCert.Issuer
$pemCert.Subject

Answer 2 · 2018-08-21T16:52:56.000Z

In fact, I've found it's even easier - the get-pfxcertificate cmdlet can be used w/ just about all formats of certs; however, my request was more about getting the validity of certs that acmesharp has requested (and I imagine are somehow linked to the vault?) so that I can see the overall status of my LE certs. Obviously, I have a workaround, but I thought this could be handy

Answer 3 · 2018-08-21T18:54:49.000Z

I don't think I understand what you mean -- a cert's validity is part of the cert itself. There really isn't anything external to that that's stored in the vault or returned from LE. Perhaps you're thinking of the expiration on the Identifier validation, or the issued Challenges? If that's the case, there are some details for that which are stored as part of the corresponding entities (Identifier / Challenge) but those would not be from Get-ACMECertificate cmdlet.