Release date: March 8th 2024
Welcome to my VMware Horizon series. Having the certificates for VMware by Broadcom Horizon Connection Servers, UAG’s, App Volumes Managers expire without knowing about it, is in best case annoying. It’s always nice to know about this before it is an issue reported by the users. As I don’t have an expensive Operations Management solution in my Lab, I had to find another solution to this. A simple fix to this is to have a little Powershell script that check this for me and sends an email if the certificates is about to expire. Running this as a weekly scheduled task, will make sure I know about this in good time before the certificates expire. (PS: I know I’m no programmer and a lot of this script have the potential for improvement, but, it gets the job done, and that’s good enough for me).
checkCertExp.ps1
# Settings
$minimumCertAgeDays = 30
$timeoutMilliseconds = 6000
[Net.ServicePointManager]::ServerCertificateValidationCallback = { $true }
#Credentials for SMTP
$SMTPcreds = get-credential
# URL's to check certificate expiration of
$urls = @(
"https://fqdn-connection-server",
"https://fqdn-app-volumes-manager",
"https://fqdn-uag"
)
# Check certificate expiration of URLs defined above
foreach ($url in $urls) {
Write-Host "Checking certificate information for $url ..." -ForegroundColor "Yellow"
$req = [System.Net.WebRequest]::Create($url)
$req.Timeout = $timeoutMilliseconds
$req.AllowAutoRedirect = $true
try {
$req.GetResponse() | Out-Null
#$req.GetResponse() | Out-Null catch {Write-Host Exception while checking URL $url`: $_ -f Red}
}
catch
{
Write-Host "Exception occurred while checking URL $url`: $_ ." -ForegroundColor "Red"
}
$expirationString = $req.ServicePoint.Certificate.GetExpirationDateString()
$dateTimeFormat = "$((Get-Culture).DateTimeFormat.ShortDatePattern) $((Get-Culture).DateTimeFormat.LongTimePattern)"
$expiration = [DateTime]::ParseExact($expirationString, $dateTimeFormat, [System.Globalization.DateTimeFormatInfo]::InvariantInfo, [System.Globalization.DateTimeStyles]::None)
[int]$certExpiresIn = ($expiration - $(Get-Date)).Days
if ($certExpiresIn -gt $minimumCertAgeDays){
Write-Host "The certificate for $url will expire in $certExpiresIn days ($('{0:dd.MM.yyyy.}' -f $expiration))." -ForegroundColor "Green"
}
else
{
#Write-Host "ERROR: The certificate for $url expire in $certExpiresIn days (on $('{0:dd.MM.yyyy.}' -f $expiration)) and query threshold is set to $minimumCertAgeDays days!" -ForegroundColor "Red"
# Send-MailMessage @smtpSplat
$emailFrom = "Sender email-adress"
$emailTo = "Reciever email address"
$emailSubject = "Certificate expiration date warning"
$emailBody = "Certificate for $url expires in $certExpiresIn dager. Make sure to renew certificate before this date."
$emailEncoding = "UTF8"
$SmtpServer = "fqdn SMTP-server"
$SmtpPort = "25/587"
Send-MailMessage -From $emailFrom -To $emailTo -Subject $emailSubject -Body $emailBody -SmtpServer $SmtpServer -Port $SmtpPort -UseSsl -Credential $SMTPcreds -Encoding $emailEncoding
}
}
VMware Horizon planning, deployment etc.
Disclaimer: Every tips/tricks/posting I have published here, is tried and tested in different it-solutions. It is not guaranteed to work everywhere, but is meant as a tip for other users out there. Remember, Google is your friend and don’t be afraid to steal with pride! Feel free to comment below as needed.
bjosoren's IT-Tech blog 