← Home

Script: Boost SIF Certificate Expiry Days

> One simple script that definitely won't delete your system32 folder
Cover Image for Script: Boost SIF Certificate Expiry Days
Marcel Gruber

Overview

Millions of man hours have been lost due to Sitecore certs expiring on local dev machines after 2 years. Updating the cert can be time consuming, especially if you're running xConnect and have to update the cert in multiple places. Often times, it's easier to just reinstall Sitecore.

The script in this post will prevent that from happening in the first place by making a small change to the local installation of Sitecore Install Framework (SIF).

Script

Time to claw back some man hours. Run this script as an admin, either standalone, or include it as part of your custom installation scripts so that all of your devs benefit without having to lift a finger.


_61
# Path may need to be adjusted -- keep it broad enough to apply the boost to all SIF versions that may be installed
_61
$path = "C:\Program Files\WindowsPowerShell\Modules\SitecoreInstallFramework"
_61
_61
Write-Host "---"
_61
Write-Host "Checking if SIF cert creation expiry days need a BOOST..."
_61
_61
if (-Not (Test-Path -Path $path)) {
_61
Write-Host "Sitecore Install Framework path does not exist: $path"
_61
exit
_61
}
_61
_61
$certScriptFileName = "Certificates.ps1"
_61
$certScriptFiles = Get-ChildItem -Path $path -Recurse -Filter $certScriptFileName
_61
_61
if ($certScriptFiles.Count -eq 0) {
_61
Write-Host "No $certScriptFileName files found in $path. Unable to BOOST cert expiry days."
_61
exit
_61
}
_61
else {
_61
Write-Host "Found $($certScriptFiles.Count) $certScriptFileName files in $path."
_61
Write-Host "---"
_61
}
_61
_61
foreach ($file in $certScriptFiles) {
_61
$existingContent = Get-Content -Path $file.FullName
_61
$needsBOOST = $false
_61
_61
$newContent = foreach ($line in $existingContent) {
_61
if ($line -match 'NotAfter = \(\$date\)\.AddDays\((\d+)\)') {
_61
$days = [int]$matches[1]
_61
if ($days -lt 3650) {
_61
$needsBOOST = $true
_61
$line -replace 'NotAfter = \(\$date\)\.AddDays\((\d+)\)', 'NotAfter = ($date).AddDays(3650)'
_61
}
_61
else {
_61
$line
_61
}
_61
}
_61
else {
_61
$line
_61
}
_61
}
_61
_61
if ($needsBOOST) {
_61
$backupFileName = $file.FullName + ".bak"
_61
if (-Not (Test-Path -Path $backupFileName)) {
_61
Copy-Item -Path $file.FullName -Destination $backupFileName
_61
Write-Host "Created backup of $($file.FullName) before making changes."
_61
}
_61
_61
Set-Content -Path $file.FullName -Value $newContent
_61
Write-Host "BOOSTED the cert expiry days in $($file.FullName)." -ForegroundColor Green
_61
}
_61
else {
_61
Write-Host "Cert expiry days are already BOOSTED in $($file.FullName)." -ForegroundColor Green
_61
}
_61
_61
Write-Host "----"
_61
}
_61
_61
Write-Host "Completed BOOST check.`n"

Inspiration for this script came from https://raghvendracodes.wordpress.com/2020/09/28/extending-sitecore-xconnect-client-certificate-expiration-date-during-sitecore-installation/

Stay BOOSTED,

-MG

More Stories

System.OutOfMemoryException

Cover Image for Automatic TypeScript Model Generation With TDS

Automatic TypeScript Model Generation With TDS

Cover Image for Azure PaaS Cache Optimization

Azure PaaS Cache Optimization

> App Services benefit greatly from proper configuration

Cover Image for Blocking Malicious Bots with IIS

Blocking Malicious Bots with IIS