Score:0

Check MS-PEAP-Certificate by opening a connection (using PowerShell or any other environment)

We are running an NPS-Server on Windows Server 2016 that serves as a Radius-Server for our wifi-network. A few days ago, all clients lost the connection because the validity of the certificate in use for the MS-PEAP-Protocol ended.

Now we would like to add an automatic check that warns us before the certificate will end the next time. It should connect to the server as a normal client and check if the certificate is still valid for another 3 weeks.

Is there a solution for this using PowerShell? Or any other programming language?

I already found a script that can replace the certificate the server uses for MS-PEAP connections (https://www.powershellgallery.com/packages/Posh-ACME.Deploy/1.3.0/Content/Public%5CSet-NPSCertificate.ps1). But I am looking for a script that checks if this was successful.

Score:0

This protocol must be using Secure Socket Layer/Transport Level Security (SSL/TLS), and you should be able to check the certificate using standard tools like openssl or the .NET SslStream object.

Here is an example of a PS script:

https://techibee.com/powershell/powershell-remotely-query-certificate-expiry-date-subject-issuer-and-other-details/2981

*Please note that your service is unlikely to be listening on port 443.

in flag
As far as I know, this protocol uses unencrypted UDP for first contact. The certificate does come into play later. Probably similar to StartTLS where the encrypted connection is established after an initial handshake. Thus I need to implement or use at least some of the protocol before the server responds with the certificate. I did a TCP-portscan as well of course. Just to be sure.
4snok avatar
es flag
Yeah, you're right. Then it will be easier to check the cert from the server side.
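
Following the thread's conclusion that the check is easier from the server side, this is an added example (not code from the posters or from the linked scripts) meant to run locally on the NPS server, for instance as a daily scheduled task. It assumes the PEAP certificate is in `Cert:\LocalMachine\My` and carries the Server Authentication EKU; the function name `Get-ExpiringServerCertificate` and its parameters are hypothetical. It inspects the certificate store, not the live EAP exchange.

```powershell
# Added example. Assumption: the NPS/PEAP certificate is stored in
# Cert:\LocalMachine\My and has the Server Authentication EKU.
function Get-ExpiringServerCertificate {
    [CmdletBinding()]
    param(
        [int]$WarnDays = 21,                          # "3 weeks" from the question
        [string]$Thumbprint,                          # optional: check only the deployed certificate
        [string]$StorePath = 'Cert:\LocalMachine\My'
    )

    $serverAuthOid = '1.3.6.1.5.5.7.3.1'              # id-kp-serverAuth
    $deadline = (Get-Date).AddDays($WarnDays)

    # Keep only certificates usable for TLS server authentication.
    $certs = Get-ChildItem -Path $StorePath |
        Where-Object { $_.EnhancedKeyUsageList.ObjectId -contains $serverAuthOid }

    if ($Thumbprint) {
        $wanted = ($Thumbprint -replace '\s', '').ToUpperInvariant()
        $certs = $certs | Where-Object { $_.Thumbprint -eq $wanted }
        # A missing certificate means the replacement did not land in the store.
        if (-not $certs) { throw "No server-auth certificate $wanted in $StorePath" }
    }

    foreach ($cert in $certs) {
        [pscustomobject]@{
            Subject    = $cert.Subject
            Thumbprint = $cert.Thumbprint
            NotAfter   = $cert.NotAfter
            DaysLeft   = [math]::Floor(($cert.NotAfter - (Get-Date)).TotalDays)
            HasKey     = $cert.HasPrivateKey          # the server cannot use a cert without its key
            Expiring   = ($cert.NotAfter -lt $deadline)
        }
    }
}

$report = @(Get-ExpiringServerCertificate -WarnDays 21)
$report | Format-Table -AutoSize

# Non-zero exit code lets the scheduler or monitoring system raise the alert.
$bad = @($report | Where-Object { $_.Expiring -or -not $_.HasKey })
if ($bad.Count -gt 0) {
    Write-Warning ("{0} certificate(s) expire within 21 days or lack a private key" -f $bad.Count)
    exit 1
}
```

Without `-Thumbprint` the report includes every server-authentication certificate in the store, not only the one the network policy references, so pass the thumbprint of the certificate you deployed to narrow the check.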