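# Collects certificate expiry data from every Windows host in the play and
# appends the combined rows to a single CSV file on one collector host.
- name: Gather certificate expiry information from all relevant stores
  hosts: all
  gather_facts: false
  tasks:
    - name: Get certificates from Personal and Remote Desktop stores
      win_shell: |
        $stores = @("Cert:\LocalMachine\My", "Cert:\LocalMachine\Remote Desktop")
        # Capture the loop output directly instead of growing an array with +=.
        $results = foreach ($store in $stores) {
            foreach ($certificate in (Get-ChildItem -Path $store -Recurse)) {
                [PSCustomObject]@{
                    # Inventory value, rendered by Ansible before the script runs.
                    'IP Address' = "{{ ansible_host }}"
                    'Certificate CN' = $certificate.Subject
                    'Expiration Date' = $certificate.NotAfter
                }
            }
        }
        $results | ConvertTo-Csv -NoTypeInformation
      register: cert_output

    - name: Aggregate certificate outputs
      set_fact:
        # set_fact is per host: each host stores only its own CSV rows here,
        # with the ConvertTo-Csv header line dropped. The cross-host merge
        # happens in the run_once task below.
        aggregated_certificates: "{{ aggregated_certificates | default([]) + cert_output.stdout_lines[1:] }}"

    - name: Save certificates to a central CSV file
      delegate_to: 10.0.1.1
      run_once: true
      vars:
        # A run_once task is templated with the first host's variables only,
        # so the rows of every host still in the play are pulled from
        # hostvars explicitly. The joined text is base64-encoded because the
        # certificate subjects are data read from the managed hosts: pasted
        # raw into the script they could close the string or be expanded as
        # PowerShell ($var, $(...)) on the collector host.
        certificate_rows_b64: >-
          {{ ansible_play_hosts
             | map('extract', hostvars, 'aggregated_certificates')
             | flatten
             | join('\n')
             | b64encode }}
      win_shell: |
        $csvPath = 'C:\path\to\output\certificates_expiry.csv'
        $header = "IP Address,Certificate CN,Expiration Date"
        # The base64 alphabet contains no quote, backtick or dollar sign, so
        # the literal below cannot break out of the single-quoted string.
        $data = [System.Text.Encoding]::UTF8.GetString(
            [System.Convert]::FromBase64String('{{ certificate_rows_b64 }}'))

        # Create the file with the header on first use
        if (-not (Test-Path $csvPath)) {
            $header | Out-File -FilePath $csvPath -Encoding UTF8
        }
        # Append the collected rows; skip the write when no host returned any
        if ($data) {
            $data | Out-File -FilePath $csvPath -Encoding UTF8 -Append
        }
        # NOTE(review): ConvertTo-Csv quotes each field, but spreadsheet
        # applications may still evaluate cells that begin with = + - or @;
        # treat the subject column as untrusted when opening this file.
      args:
        executable: powershell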