hey, iv tried to find any of data about the certificates that are gone to expired soon,
i’d try this for example
(values “subject” of it, value “Not Before” of it, value “Not After” of it) of keys “HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\SystemCertificates\MY\Certificates” of (x64 registries;x32 registries)
but get nothing
there is a way?
In my experience, it’s not possible. The info in the cert is stored in this BLOB which I have not been able to find a way to decipher. I had opted to write myself a quick powershell script where a basic “dir” works to read all those back (example below, in my case was expiring certs but it can be easily adjusted to display what you want). For what it’s worth there are a few separate RFEs that would open the door for situations like this (BFP-I-76 & BFP-I-252) but unfortunately they have not been committed to or delivered as of now.
appendfile $age = {parameter “Age”}
appendfile
appendfile Get-ChildItem cert:\LocalMachine\My -Recurse | ? {{$.NotAfter -le [DateTime]::Now.AddDays($age) -and $.NotAfter -gt [DateTime]::Now} | Select Subject, Issuer, Thumbprint, NotBefore, NotAfter, @{{N=“Template”;E={{($.Extensions | ? {{$.oid.FriendlyName -match “Certificate Template Information”}).Format(0) -replace “(.+)?=(.+)((.+)?”, ‘$2’}} | % {{ "Subject = " + ($.Subject).ToString() + " | Issuer = " + ($.Issuer).ToString() + " | Thumbprint = " + ($.Thumbprint).ToString() + " | NotBefore = " + ($.NotBefore).ToString() + " | NotAfter = " + ($.NotAfter).ToString() + " | Template = " + $.Template | Out-File “Expiring_Certs.txt” -Append }