SOLVED: Easy Command To List Certificates

We had a client who wanted us to audit their dozen servers for the status of their certificates. We decided to export all of the core certificate information into a simple .CSV which lets us modify and make it pretty in Excel.



  1. Open a POWERSHELL AS AN ADMINISTRATOR
  2. Paste this command:
    Get-ChildItem -Path Cert:\LocalMachine\My | Where-Object { $_.NotAfter -gt (Get-Date) } | Sort-Object FriendlyName | Select-Object FriendlyName, Subject, Issuer, NotAfter | Export-Csv -Path "C:\TEMP\Certificates.csv" -NoTypeInformation
  3. Open the resulting C:\TEMP\Certificates.csv with Excel and make it pretty, like sorting and filtering and formatting as a table

Note that we EXCLUDED all certificates that are expired already because some of our clients do not delete their dead ones.



Published by
Ian Matthews