Does anyone know how to scan through a Java Keystore and remove all the expired certificates?

In the past I have made a list of all the aliases that were expired and then made a for loop in CMD to go through and remove all of them, but I was wondering if anyone knew of a Perl script or anything that would both find the expired certs and then remove them.

Answer

I was thinking about writing a way to do this in PowerShell, but someone already wrote this in bash, which would probably be more relevant for you.

Essentially you need to run keytool -list -v, which outputs verbose details of the certificates in the particular keystore. Once you have that, you need to write a script that reads through the output and determines which certificates are expired. Once you have information on which certificates are expired, you build an array and then delete all of the certificates added to the array.

This is an example script.

You could change the line that starts with

echo "[WARNING]

to

keytool -delete -alias

Attribution
Source : Link , Question Author : Crypto , Answer Author : user5870571
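
The procedure the answer describes (list with keytool -list -v, pick out the expired entries, delete them), as an added example that is not the script the answer refers to. It assumes English keytool output with dates in UTC (forced with the -J flags), the keystore password in a KS_PASS environment variable, and function names chosen here for illustration.

```shell
#!/usr/bin/env bash
# Added example. Constructed sample of `keytool -list -v` output (English, UTC).
sample_listing() { cat <<'EOF'
Alias name: old-ca
Entry type: trustedCertEntry
Valid from: Mon Jan 01 00:00:00 UTC 2018 until: Wed Jan 01 00:00:00 UTC 2020

Alias name: app server
Entry type: PrivateKeyEntry
Certificate[1]:
Valid from: Sun Jan 01 00:00:00 UTC 2023 until: Tue Jan 01 00:00:00 UTC 2030
Certificate[2]:
Valid from: Mon Jan 01 00:00:00 UTC 2018 until: Wed Jan 01 00:00:00 UTC 2020
EOF
}

# stdin: `keytool -list -v` text; $1: current UTC time as YYYYMMDDHHMMSS.
# Prints each alias whose own certificate (first validity line) has expired.
expired_aliases() {
  awk -v now="$1" '
    BEGIN { n = split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec", m, " ")
            for (i = 1; i <= n; i++) mon[m[i]] = sprintf("%02d", i) }
    /^Alias name: / { alias = substr($0, 13); seen = 0; next }
    / until: / && !seen {
      seen = 1; sub(/.* until: /, "")   # leaves "Wed Jan 01 00:00:00 UTC 2020"
      split($0, f, " "); gsub(/:/, "", f[4])
      notafter = f[6] mon[f[2]] sprintf("%02d", f[3]) f[4]
      if ((notafter "") < (now "")) print alias
    }'
}

# Report expired aliases; with --delete, back up the keystore and remove them.
# Assumes the password is in $KS_PASS so it stays off the command line.
purge_expired() {
  local ks="$1" mode="${2:-report}" now
  now=$(date -u +%Y%m%d%H%M%S)
  if [ "$mode" = "--delete" ]; then cp -p "$ks" "$ks.bak.$now" || return 1; fi
  keytool -J-Duser.timezone=UTC -J-Duser.language=en -list -v \
          -keystore "$ks" -storepass:env KS_PASS |
    expired_aliases "$now" |
    while IFS= read -r alias; do
      if [ "$mode" = "--delete" ]; then
        keytool -delete -alias "$alias" -keystore "$ks" -storepass:env KS_PASS </dev/null
      else
        echo "[WARNING] expired, not deleted: $alias"
      fi
    done
}
if [ "$#" -gt 0 ]; then purge_expired "$@"; fi
```

Run it with the keystore path alone to get the report, and add --delete as the second argument once the list looks right. Only the first validity line per alias is checked, so an expired CA further up a private key entry's chain does not cause that entry to be removed.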
