Script: Boost SIF Certificate Expiry Days

> One simple script that definitely won't delete your system32 folder
Cover Image for Script: Boost SIF Certificate Expiry Days

Overview

Millions of man hours have been lost due to Sitecore certs expiring on local dev machines after 2 years. Updating the cert can be time consuming, especially if you're running xConnect and have to update the cert in multiple places. Often times, it's easier to just reinstall Sitecore.

The script in this post will prevent that from happening in the first place by making a small change to the local installation of Sitecore Install Framework (SIF).

Script

Time to claw back some man hours. Run this script as an admin, either standalone, or include it as part of your custom installation scripts so that all of your devs benefit without having to lift a finger.


_61
# Path may need to be adjusted -- keep it broad enough to apply the boost to all SIF versions that may be installed
_61
$path = "C:\Program Files\WindowsPowerShell\Modules\SitecoreInstallFramework"
_61
_61
Write-Host "---"
_61
Write-Host "Checking if SIF cert creation expiry days need a BOOST..."
_61
_61
if (-Not (Test-Path -Path $path)) {
_61
Write-Host "Sitecore Install Framework path does not exist: $path"
_61
exit
_61
}
_61
_61
$certScriptFileName = "Certificates.ps1"
_61
$certScriptFiles = Get-ChildItem -Path $path -Recurse -Filter $certScriptFileName
_61
_61
if ($certScriptFiles.Count -eq 0) {
_61
Write-Host "No $certScriptFileName files found in $path. Unable to BOOST cert expiry days."
_61
exit
_61
}
_61
else {
_61
Write-Host "Found $($certScriptFiles.Count) $certScriptFileName files in $path."
_61
Write-Host "---"
_61
}
_61
_61
foreach ($file in $certScriptFiles) {
_61
$existingContent = Get-Content -Path $file.FullName
_61
$needsBOOST = $false
_61
_61
$newContent = foreach ($line in $existingContent) {
_61
if ($line -match 'NotAfter = \(\$date\)\.AddDays\((\d+)\)') {
_61
$days = [int]$matches[1]
_61
if ($days -lt 3650) {
_61
$needsBOOST = $true
_61
$line -replace 'NotAfter = \(\$date\)\.AddDays\((\d+)\)', 'NotAfter = ($date).AddDays(3650)'
_61
}
_61
else {
_61
$line
_61
}
_61
}
_61
else {
_61
$line
_61
}
_61
}
_61
_61
if ($needsBOOST) {
_61
$backupFileName = $file.FullName + ".bak"
_61
if (-Not (Test-Path -Path $backupFileName)) {
_61
Copy-Item -Path $file.FullName -Destination $backupFileName
_61
Write-Host "Created backup of $($file.FullName) before making changes."
_61
}
_61
_61
Set-Content -Path $file.FullName -Value $newContent
_61
Write-Host "BOOSTED the cert expiry days in $($file.FullName)." -ForegroundColor Green
_61
}
_61
else {
_61
Write-Host "Cert expiry days are already BOOSTED in $($file.FullName)." -ForegroundColor Green
_61
}
_61
_61
Write-Host "----"
_61
}
_61
_61
Write-Host "Completed BOOST check.`n"

Inspiration for this script came from https://raghvendracodes.wordpress.com/2020/09/28/extending-sitecore-xconnect-client-certificate-expiration-date-during-sitecore-installation/

Stay BOOSTED,

-MG


More Stories

Cover Image for Security Series: App Service IP Restrictions

Security Series: App Service IP Restrictions

> How to manage IP rules "at scale" using the Azure CLI

Cover Image for Ideas For Docker up.ps1 Scripts

Ideas For Docker up.ps1 Scripts

> Because Docker can be brittle

Cover Image for Troubleshooting 502 Responses in Azure App Services

Troubleshooting 502 Responses in Azure App Services

> App Services don't support all libraries

Cover Image for On Sitecore Development

On Sitecore Development

> Broadly speaking

Cover Image for SPE Script Performance & Troubleshooting

SPE Script Performance & Troubleshooting

> Script never ends or runs too slow? Get in here.

Cover Image for Tips for Applying Cumulative Sitecore XM/XP Patches and Hotfixes

Tips for Applying Cumulative Sitecore XM/XP Patches and Hotfixes

> It's probably time to overhaul your processes

Cover Image for Hello World

Hello World

> Welcome to the show

Cover Image for How to Run Old Versions of Solr in a Docker Container

How to Run Old Versions of Solr in a Docker Container

> Please don't make me install another version of Solr on my local...

Cover Image for On Sitecore Stack Exchange (SSE)

On Sitecore Stack Exchange (SSE)

> What I've learned, what I see, what I want to see

Cover Image for On Mentorship and Community Contributions

On Mentorship and Community Contributions

> Reflections and what I learned as an MVP mentor

Cover Image for Year in Review: 2022

Year in Review: 2022

> Full steam ahead

Cover Image for NextJS: Short URL for Viewing Layout Service Response

NextJS: Short URL for Viewing Layout Service Response

> Because the default URL is 2long4me

Cover Image for Tips for New Sitecore Developers

Tips for New Sitecore Developers

> If I had more time, I would have written a shorter letter

Cover Image for Critical Security Bulletin SC2024-001-619349 Announced

Critical Security Bulletin SC2024-001-619349 Announced

> And other scintillating commentary

Cover Image for Tips for Forms Implementations

Tips for Forms Implementations

> And other pro tips

Cover Image for Content Editor Search Bar Not Working

Content Editor Search Bar Not Working

> Sometimes it works, sometimes not

Cover Image for JSS: Reducing Bloat in Multilist Field Serialization

JSS: Reducing Bloat in Multilist Field Serialization

> Because: performance, security, and error-avoidance

Cover Image for NextJS: Unable to Verify the First Certificate

NextJS: Unable to Verify the First Certificate

> UNABLE_TO_VERIFY_LEAF_SIGNATURE

Cover Image for JSS + TypeScript Sitecore Project Tips

JSS + TypeScript Sitecore Project Tips

> New tech, new challenges

Cover Image for Super Fast Project Builds with Visual Studio Publish

Super Fast Project Builds with Visual Studio Publish

> For when solution builds take too long

Cover Image for Sitecore Symposium 2022

Sitecore Symposium 2022

> What I'm Watching 👀

Cover Image for Symposium 2022 Reflections

Symposium 2022 Reflections

> Sitecore is making big changes

Cover Image for NextJS: Access has been blocked by CORS policy

NextJS: Access has been blocked by CORS policy

> CORS is almost as much of a nuisance as GDPR popups

Cover Image for Don't Ignore the HttpRequestValidationException

Don't Ignore the HttpRequestValidationException

> Doing so could be... potentially dangerous

Cover Image for NextJS/JSS Edit Frames Before JSS v21.1.0

NextJS/JSS Edit Frames Before JSS v21.1.0

> It is possible. We have the technology.

Cover Image for Azure PaaS Cache Optimization

Azure PaaS Cache Optimization

> App Services benefit greatly from proper configuration

Cover Image for Add TypeScript Type Checks to RouteData fields

Add TypeScript Type Checks to RouteData fields

> Inspired by error: Conversion of type may be a mistake because neither type sufficiently overlaps with the other.

Cover Image for Early Returns in React Components

Early Returns in React Components

> When and how should you return early in a React component?