Note: This question is part of a series of questions that present the same scenario. Each question in
the series contains a unique solution that might meet the stated goals. Some question sets might have
more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these
questions will not appear in the review screen.You have a server named Web1 that runs Windows Server 2016.
You need to list all the SSL certificates on Web1 that will expire during the next 60 days.
Solution: You run the following command.
Get-ChildItem Cert:\\LocalMachine\\Trust |? { $_.NotAfter It (Get-Date).AddDays( 60 ) }
Does this meet the goal?
A.
Yes
B.
No
Powershell 2.0? Throws up an error, anyhow. Powershell 3.0 onwards is -ExpiringInDays
Get-ChildItem Cert:\\LocalMachine\\Trust |? { $_.NotAfter It (Get-Date).AddDays( 60 ) }
At line:1 char:59
+ Get-ChildItem Cert:\\LocalMachine\\Trust |? { $_.NotAfter It (Get-Dat …
+ ~~
Unexpected token ‘It’ in expression or statement.
+ CategoryInfo : ParserError: (:) [], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : UnexpectedToken
2
0
@Chris, That should be hyphen LT (-lt)
1
1
Get-ChildItem Cert:\LocalMachine\My |? { $_.NotAfter -lt (Get-Date).AddDays(60)}
15
2
This one is correct. You want LocalMachine\My instead of LocalMachine\Trust.
To write it fully:
Get-ChildItem -Path ‘Cert:\LocalMachine\My’ | Where-Object -FilterScript {$PSItem.NotAfter -lt ((Get-Date).AddDays(60))}
Keep in mind, this will technically also list already expired certificates, unless those no longer have a NotAfter attribute.
Small distinction, look for it on your exam.
The correct answer here is No.
11
0
What about such syntax?
Get-ChildItem -Path cert: -Recurse -ExpiringInDays 60
0
2