Se trovi questo messaggio negli eventi di windows che indica un certificato scaduto o in scadenza:

Log Name: Application
Source: Microsoft-Windows-CertificateServicesClient-AutoEnrollment
Date: 12/04/2017 19.24.45
Event ID: 64
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: srv01.sgart.local
Description: Certificate for local system with Thumbprint 2a 90 33 96 f3 e2 00 63 e8 c4 4e 66 71 0e a5 78 dc ee 4a d7 is about to expire or already expired.
per capire qual'è il certificato in scadenza, lo puoi cercare nelle store tramite il suo thumbprint. La ricerca può essere fatta tramite PowerShell interrogando il path cert:\:
Get-ChildItem -Path 'cert:\' -Recurse | ? {$_.Thumbprint -eq '2a 90 33 96 f3 e2 00 63 e8 c4 4e 66 71 0e a5 78 dc ee 4a d7'.replace(' ','')} | select *
che da un risultato simile a questo:
PSPath                   : Microsoft.PowerShell.Security\Certificate::LocalMach
                           ine\My\2A903396F3E20063E8C44E66710EA578DCEE4AD7
PSParentPath             : Microsoft.PowerShell.Security\Certificate::LocalMach
                           ine\My
PSChildName              : 2A903396F3E20063E8C44E66710EA578DCEE4AD7
PSDrive                  : Cert
PSProvider               : Microsoft.PowerShell.Security\Certificate
PSIsContainer            : False
EnhancedKeyUsageList     : {Server Authentication (1.3.6.1.5.5.7.3.1), Client
                           Authentication (1.3.6.1.5.5.7.3.2)}
DnsNameList              : {www.sgart.local}
SendAsTrustedIssuer      : False
EnrollmentPolicyEndPoint : Microsoft.CertificateServices.Commands.EnrollmentEnd
                           PointProperty
EnrollmentServerEndPoint : Microsoft.CertificateServices.Commands.EnrollmentEnd
                           PointProperty
PolicyId                 :
Archived                 : False
Extensions               : {System.Security.Cryptography.Oid,
                           System.Security.Cryptography.Oid,
                           System.Security.Cryptography.Oid,
                           System.Security.Cryptography.Oid...}
FriendlyName             :
IssuerName               : System.Security.Cryptography.X509Certificates.X500Di
                           stinguishedName
NotAfter                 : 17/01/2017 02.59.59
NotBefore                : 21/10/2014 04.00.00
HasPrivateKey            : False
PrivateKey               :
PublicKey                : System.Security.Cryptography.X509Certificates.Public
                           Key
RawData                  : {48, 130, 4, 245...}
SerialNumber             : 504C0D526C5542994CBC5170A9BBBFE0
SubjectName              : System.Security.Cryptography.X509Certificates.X500Di
                           stinguishedName
SignatureAlgorithm       : System.Security.Cryptography.Oid
Thumbprint               : 2A903396F3E20063E8C44E66710EA578DCEE4AD7
Version                  : 3
Handle                   : 336904204688
Issuer                   : CN=Symantec Class 3 Secure Server CA - G4,
                           OU=Symantec Trust Network, O=Symantec Corporation,
                           C=US
Subject                  : CN=www.sgart.local, OU=IT, O=Sgart, L=MI, S=MI, C=IT
la proprietà Subject aiuta ad identificare il certificato.