PropertySource - Certificate Information



We had to find out who issued the SSL cert on port 443 for a bunch of network devices and servers. So I wrote this TCPMLH.
It pulls the IssuerCN, SubjectCN, ValidFrom and ValidTo info for the certificate. It could easily be modified to look at other ports as well if wanted.

It depends on a PropertySource that was listed here awhile ago 'DataSources_List', which I don't have the key for, but can share the XML if needed.

 


Guessing it hasn't been approved yet. Below is the PowerShell script and the AppliesTo is 'auto.activedatasources =~ "HTTPS"'

 

$URL = "https://"
$URL = $URL + "##hostname##"


try {
    [Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}
    $webRequest = [System.Net.HttpWebRequest]::Create($URL)

    $webRequest.KeepAlive = $false
    $webRequest.Timeout = 5000
    $webRequest.ServicePoint.ConnectionLeaseTimeout = 5000
    $webRequest.ServicePoint.MaxIdleTime = 5000

    #$null = $webRequest.GetResponse()
    $null = $webRequest.GetResponse().Dispose()
        
}
catch [System.Net.WebException] {
    if ($_.Exception.Status -eq [System.Net.WebExceptionStatus]::TrustFailure) {
        # We ignore trust failures, since we only want the certificate, and the service point is still populated at this point
    }
    else
    {
       # Write-Warning $_.Exception.Message
    }
}
catch {
   # Write-Warning $_.Exception.Message
}

if (($webRequest.ServicePoint.Certificate) -and ($webRequest.ServicePoint.Certificate.Handle -ne 0)) {
    if ($ReturnCertificate) {
       # Write-Output $webRequest.ServicePoint.Certificate
    }
    else {

        $IssuerCN = $webRequest.ServicePoint.Certificate.Issuer.Split(', ',[System.StringSplitOptions]::RemoveEmptyEntries)[0].Split('=')[1]
        $SubjectCN = $webRequest.ServicePoint.Certificate.Subject.Split(', ',[System.StringSplitOptions]::RemoveEmptyEntries)[0].Split('=')[1]
        $ValidFrom = $webRequest.ServicePoint.Certificate.GetEffectiveDateString()
        $ValidTo = $webRequest.ServicePoint.Certificate.GetExpirationDateString()

        Write-Host "certificate.IssuerCN=$IssuerCN"
        Write-Host "certificate.SubjectCN=$SubjectCN"
        Write-Host "certificate.ValidFrom=$ValidFrom"
        Write-Host "certificate.ValidTo=$ValidTo"
    }

    $webRequest.ServicePoint.Certificate.Dispose()
}   

[Net.ServicePointManager]::ServerCertificateValidationCallback = $null

 

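The script above sets the static ServicePointManager validation callback, which accepts any certificate for every HTTPS request in the process until it is reset. As an added example (not from the original post), the same four properties can be read over a direct TLS connection where the accept-any callback applies to one stream only and the port is a parameter. Get-RemoteCertInfo and its parameters are hypothetical names; ##hostname## is the token the posted script uses.

```powershell
# Added example, not part of the thread. Get-RemoteCertInfo is a hypothetical helper name.
function Get-RemoteCertInfo {
    param(
        [Parameter(Mandatory)] [string] $HostName,
        [int] $Port = 443,
        [int] $TimeoutMs = 5000
    )
    $tcp = New-Object System.Net.Sockets.TcpClient
    $ssl = $null
    try {
        # Bounded connect so an unreachable device cannot stall the run.
        if (-not $tcp.ConnectAsync($HostName, $Port).Wait($TimeoutMs)) {
            throw "Connect to ${HostName}:${Port} timed out"
        }
        $tcp.ReceiveTimeout = $TimeoutMs
        $tcp.SendTimeout = $TimeoutMs

        # Accept any certificate on THIS stream only; nothing global is changed,
        # so other HTTPS calls in the same process keep normal validation.
        $acceptAny = [System.Net.Security.RemoteCertificateValidationCallback] {
            param($sender, $certificate, $chain, $sslPolicyErrors) $true
        }
        $ssl = New-Object System.Net.Security.SslStream($tcp.GetStream(), $false, $acceptAny)
        $ssl.AuthenticateAsClient($HostName)

        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
        # SimpleName returns the CN when present and falls back to another
        # name attribute otherwise, so no string splitting of the DN is needed.
        $simple = [System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName
        [ordered]@{
            IssuerCN  = $cert.GetNameInfo($simple, $true)
            SubjectCN = $cert.GetNameInfo($simple, $false)
            ValidFrom = $cert.NotBefore.ToUniversalTime().ToString('u')
            ValidTo   = $cert.NotAfter.ToUniversalTime().ToString('u')
        }
    }
    finally {
        if ($ssl) { $ssl.Dispose() }
        $tcp.Close()
    }
}

try {
    $info = Get-RemoteCertInfo -HostName "##hostname##" -Port 443
    foreach ($key in $info.Keys) { Write-Host "certificate.$key=$($info[$key])" }
}
catch {
    # Nothing is written on failure, so no properties are set for the device.
}
```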
  • 3 weeks later...
  • Administrators

This one is "stuck" with us for the moment. There are new Exchange features coming out (really cool stuff; think app store). While that's being done, all non-core LogicModules (meaning LogicModules not written by LM) have been marked as private. Once the new Exchange features go live, the module author should be able to go to the "My Integrations" tab and flip the toggle from private to public. (Working on a shortcut for this one right now.)

  • 1 month later...
On 2/22/2020 at 12:42 AM, Joe Williams said:

It depends on a PropertySource that was listed here awhile ago 'DataSources_List', which I don't have the key for, but can share the XML if needed.

 

Hi Joe,
Can you please share the XML. Much Appreciated

Thanks

Edited by Herin
typo
  • 1 month later...
  • Administrators

This just means that your script didn't write anything to the stdout pipe. With PowerShell, you use Write-Host "propertyname=propertyvalue" for every property you want to create on the device.  https://www.logicmonitor.com/support/logicmodules/propertysources/creating-propertysources

You may also look at using the debug window to run your script. That way you can see the raw output.  The command you'd want to run is !posh. However, you'll want this chrome extension. Without it, you have to upload your script to the collector and specify the path. With it, you can just paste in your script and select the device to run against. It will make the token substitutions and run it on the collector against that device.
