Simple function to get certificate info from Active Directory Certificate Authority

Get-CertificateAuthority : Get the Active Directory object of the Certficate Authorities configured to issue certificates on a Domain.

Get-CaLocationString : Get the list of Certificate Authorities on the domain and output the Location Strings used to connect to them. Connection strings are in the form of Server\CAName

Get-ADCertificateTemplate : Gets the Active Directory object of Certificate templates on a domain

Get-CertificateTemplateOID : Gets the OID of a specific template from Active Directory.

Get-IssuedCertificate : Gets Certificates issued by a Certificate Authority. Can be filtered by CommonName, Certificate Template or Days untill expire

Looking on PowerShellGallery.com, I did not find anythign that could retrive certificates from a remote ADCS server and save them to a file. Or get a list of soon to expire Certificates

For example. to get all the certificates that will expire in the next two weeks from all CA's on the current Domain.

Get-IssuedCertificate -ExpireInDays 14

Or to save off all the certificates issues for use by Desired State Configuration (DSC)

$DSCCerts = Get-IssuedCertificate -CertificateTemplateOid (Get-CertificateTemplateOID -Name 'DSCTemplate') -Properties 'Issued Common Name', 'Binary Certificate' 
foreach ($cert in $DSCCerts)
{
    set-content -path "c:\certs\$($cert.'Issued Common Name').cer" -Value $cert.'Binary Certificate' -Encoding Ascii
}