Summary:
This article details how to verify if your SSL certificate is valid on your Windows Server environment.
Method:
The test-certificate cmdlet verifies a certificate according to input parameters. The revocation status of the certificate is verified by default.
- If the AllowUntrustedRoot parameter is specified, then a certificate chain is built, but an untrusted root is allowed. Other errors, such as expired, are still verified against.
- If the DNSName parameter is used, then the DNS subject alternative name is used to verify SSL policy.
- If the EKU parameter is used, then the specified application policy object identifiers are used to verify the chain.
- If the User parameter is used, then the specified user context is used is to build and verify the chain."
- Microsoft MSDN 1, 2, 3, 4, URL https://docs.microsoft.com/en-us/powershell/module/pki/test-certificate?view=windowsserver2019-ps
The PowerShell Command
PS C:\>Get-ChildItem -Path Cert:\YouMachineLocation\My | Test-Certificate -Policy SSL -DNSName "dns=LA.com"
This example verifies each certificate in the MY store of the local machine and verifies that it is valid for SSL with the DNS name specified.
Note: A System administrator can easily apply this command to verify if an SSL certificate is valid or not.
Properties:
Private Host 5.x
SSL Certificate