Patch My PC Ideas & Feedback
A community where customers and the community can provide feedback to make a better product for everyone! For more details on how we prioritize requests, please see:
A community where customers and the community can provide feedback to make a better product for everyone! For more details on how we prioritize requests, please see:
Enterprise IT administrators must monitor Secure Boot certificates (KEK, DB, DBX, PK) for expiration to prevent security issues and ensure compliance. Currently, Patch My PC Insights reports do not expose Secure Boot certificate details. Without this visibility, organizations risk unplanned outages, boot failures, and audit findings when certificates expire undetected.
Requested Feature
Please add a reporting feature in Patch My PC Insights to:
Automatically inventory Secure Boot certificate details (issuer, type, expiration date) from all managed Windows devices.
Provide an insight dashboard summarizing certificate expiration status across the fleet.
Generate a detailed report listing expiration and certificate details per computer.
Support alerts or flags for certificates expiring within a configurable time window.
This will enable proactive certificate renewal planning and secure operations, directly supporting security and compliance goals.
