Oct 27, 2014 at 8:13 PM
Edited Oct 27, 2014 at 8:16 PM
Along with the certificate information retrieved with Test-WebServerSSL, is there a way to retrieve the SSLFlags attribute? I've found that this isn't always in the same place and on some systems running IIS, I haven't been able to locate it.

We have a need to verify all web servers are public key enabled. Part of this process is verifying the requirement of client certificates is properly configured.

I've written a small script that takes a list of machine names as input, checks each to see if W3SVC is present and running. If so, it looks for the server certificate. This is useful as all of our web servers require certificates issued by the Department of Defense.

I'm hoping this can be done without PSRemoting. Not every machine on the network has it enabled, and I'm pretty sure we aren't even supposed to use it (DoD Security guidelines .. grrrr)


Oct 27, 2014 at 8:36 PM
Currently it is not possible. And I'm not sure if this request fits the project scope.
Oct 28, 2014 at 12:07 PM
Thanks. I thought I'd ask here since the requirement of client certificates is part of PKI. Do you know if there is anything in existence that might do this? It's probably possible through .Net, but that is beyond my current capability.