Introduction
This tool will allow you to check your SCOM Certificate. It is very efficient and has been improved upon over time. You may edit line 751 to allow you to change what happens when you run from Powershell ISE. Copying and pasting the script to Powershell ISE after you run MOMCertImport on a certificate is the most common way to run the script, which requires no arguments or modifications. Just run the script and you will see where the issue may be.
Authors
- Tyson Paul (https://monitoringguys.com/)
- Lincoln Atkinson (https://latkin.org/blog/)
- Mike Kallhoff
- Blake Drumm (https://blakedrumm.com/)
Where to get it
Test-SCOMCertificate.ps1 
Direct Download Link
or
Personal File Server - Test-SCOMCertificate.ps1 Alternative Download Link
or
Personal File Server - Test-SCOMCertificate.txt Text Format Alternative Download Link
Argument List
| Argument List | Description |
|---|---|
| -All | Check All Certificates in Local Machine Store. |
| -Servers | Each Server you want to Check SCOM Certificates on. |
| -SerialNumber | Check a specific Certificate serial number in the Local Machine Personal Store. Not reversed. |
| -OutputFile | Where to Output the File (txt, log, etc) for Script Execution. |
Examples
Example 1
Check the certificate you have currently configured for SCOM on the local machine:
PS C:\> .\Test-SCOMCertificate.ps1Example 2
Check for a specific Certificate Serial number in the Local Machine Personal Certificate store:
PS C:\> .\Test-SCOMCertificate.ps1 -SerialNumber 1f00000008c694dac94bcfdc4a000000000008Example 3
Check all certificates on the local machine:
PS C:\> .\Test-SCOMCertificate.ps1 -AllExample 4
Check All Certificates on 4 Servers and outputting the results to C:\Temp\Output.txt:
PS C:\> .\Test-SCOMCertificate.ps1 -Servers ManagementServer1, ManagementServer2.contoso.com, Gateway.contoso.com, Agent1.contoso.com -All -OutputFile C:\Temp\Output.txt
Example of Failure
Share on:
