It is hard to find a tool that checks certificate expiration dates on a remote machine without logging on to it locally. Here is my code to accomplish this job:
// to build: cl scancert.cpp -link crypt32.lib
//------------------------------------------------------
#include <windows.h>
#include <wincrypt.h>
#include <shlwapi.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
const char *s1 = "\\my";
void listlocalcertstore(char const * const s);
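/*
 * Entry point: scancert <servername>
 *
 * Builds the store name "\\<servername>\my" from the single command-line
 * argument and passes it to listlocalcertstore(), which prints the subject
 * and expiry date of every certificate in that store.
 *
 * Returns 0 on success; exits with status 1 on bad usage or when the
 * store-name buffer cannot be allocated.
 */
int main(int argc, char** argv)
{
    static const char prefix[] = "\\\\";
    size_t prefix_len;
    size_t host_len;
    size_t suffix_len;
    char *store_name;

    /* An empty server name would yield a store path with no host part. */
    if (argc != 2 || argv[1][0] == '\0') {
        printf("Usage %s servername\n", argv[0]);
        exit(1);
    }

    prefix_len = sizeof prefix - 1;
    host_len = strlen(argv[1]);
    suffix_len = strlen(s1);

    /*
     * One buffer, sized from the measured pieces plus the terminator, so the
     * copies below cannot run past the allocation. The cast on malloc keeps
     * the file valid when it is compiled as C++.
     */
    store_name = (char *)malloc(prefix_len + host_len + suffix_len + 1);
    if (store_name == NULL) {
        printf("Can not allocate memory for the store name\n");
        exit(1);
    }
    memcpy(store_name, prefix, prefix_len);
    memcpy(store_name + prefix_len, argv[1], host_len);
    /* suffix_len + 1 also copies the terminating NUL of s1. */
    memcpy(store_name + prefix_len + host_len, s1, suffix_len + 1);

    listlocalcertstore(store_name);
    free(store_name);
    return 0;
}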
void HandleError(char *s);
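/*
 * Open the certificate store named by pszStoreName in the local-machine
 * system-store location and print, for each certificate in it, the subject
 * display name and the NotAfter (expiry) date.
 *
 * pszStoreName  narrow-character store name; main() passes "\\<server>\my".
 *
 * The store is opened read-only and only if it already exists: this tool
 * just reads expiry dates, so it should neither hold write access to the
 * store nor create a store when the name is mistyped.
 *
 * Any failure to convert the name or open the store ends the process through
 * HandleError().
 */
void listlocalcertstore(char const * const pszStoreName) {
    HCERTSTORE hStoreHandle;
    PCCERT_CONTEXT pCertContext = NULL;
    char pszNameString[256];
    wchar_t pwszStoreName[256];

    /*
     * The name comes from the command line, so it is converted with an
     * explicit destination size. A name that does not fit in pwszStoreName
     * makes the conversion fail instead of writing past the array.
     */
    if (MultiByteToWideChar(CP_ACP, 0, pszStoreName, -1, pwszStoreName,
                            (int)(sizeof pwszStoreName / sizeof pwszStoreName[0])) == 0) {
        HandleError("The store name is invalid or too long.");
    }

    hStoreHandle = CertOpenStore(
        CERT_STORE_PROV_SYSTEM,
        0,
        NULL,
        CERT_SYSTEM_STORE_LOCAL_MACHINE | CERT_STORE_READONLY_FLAG | CERT_STORE_OPEN_EXISTING_FLAG,
        pwszStoreName
    );
    if (!hStoreHandle) {
        HandleError("The store was not opened.");
    }

    /*
     * Walk the store. Passing the previous context back in lets the API
     * release it, so no explicit free is needed once the loop ends on NULL.
     */
    while ((pCertContext = CertEnumCertificatesInStore(hStoreHandle, pCertContext)) != NULL) {
        FILETIME expirytime;
        SYSTEMTIME systime;

        /*
         * The display name is text taken from the certificate itself; it is
         * printed as data through "%s" and bounded by the buffer size.
         */
        if (CertGetNameStringA(pCertContext, CERT_NAME_SIMPLE_DISPLAY_TYPE, 0, NULL,
                               pszNameString, (DWORD)sizeof pszNameString)) {
            printf("\nCertificate: %s \n", pszNameString);
        } else {
            HandleError("CertGetName failed.");
        }

        expirytime = pCertContext->pCertInfo->NotAfter;
        if (!FileTimeToSystemTime(&expirytime, &systime)) {
            /* One unreadable date should not hide the remaining certificates. */
            fprintf(stderr, "Expiry date could not be converted.\n");
            continue;
        }
        /* NotAfter is stored as UTC and is not converted to local time here. */
        printf("Expiry date: %d %d %d\n", systime.wYear, systime.wMonth, systime.wDay);
    }

    CertCloseStore(hStoreHandle, 0);
}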
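/*
 * Print the system message text for a Win32 error code to stderr.
 * Falls back to printing the numeric code (decimal and hex) when the system
 * has no message text for it.
 */
void printError(DWORD messageId) {
    LPSTR pBuf = NULL;
    DWORD len;

    /*
     * No argument array is supplied, so insert sequences in the message text
     * are left as-is (FORMAT_MESSAGE_IGNORE_INSERTS) rather than expanded.
     * With ALLOCATE_BUFFER the API stores the buffer pointer through the
     * lpBuffer argument, hence the cast of &pBuf.
     */
    len = FormatMessageA(
        FORMAT_MESSAGE_ALLOCATE_BUFFER | FORMAT_MESSAGE_FROM_SYSTEM | FORMAT_MESSAGE_IGNORE_INSERTS,
        NULL, messageId, 0, (LPSTR) &pBuf, 0, NULL);
    if (len != 0) {
        fprintf(stderr, "%s\n", pBuf);
        LocalFree(pBuf);
    }
    else
    {
        /* Two conversions need two arguments; the code is passed once per format. */
        fprintf(stderr, "Error %lu (0x%lx)\n", (unsigned long)messageId, (unsigned long)messageId);
    }
}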
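/*
 * Report a fatal error and terminate the process with exit status 1.
 *
 * s  description of the operation that failed; printed as data via "%s".
 *
 * The calling thread's last-error code is read before any output so that the
 * stdio calls cannot overwrite it, then printed in hex and as message text.
 */
void HandleError(char *s)
{
    DWORD dwErr = GetLastError();

    fprintf(stderr, "An error occurred in running the program. \n");
    fprintf(stderr, "%s\n", s);
    /* DWORD is an unsigned long, so the conversion must be %lx, not %x. */
    fprintf(stderr, "Error number %lx.\n", (unsigned long)dwErr);
    printError(dwErr);
    fprintf(stderr, "Program terminating. \n");
    exit(1);
}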
Comments
- Anonymous
January 01, 2003
thanks