Get Certificate Expiry Date For All Azure Enterprise Applications

Query King | Tue, 09 Feb 2021 at 03:22 hours | Replies : 2 | Points : 100

Category : Microsoft Azure


Hi Team,


Please help me get the certificate expiry date for all Azure Enterprise Applications.




Hi,


You can use the script below, given by Microsoft, to generate a list of Enterprise Apps with their Secret and Certificate expiry dates. I have seen that it generates a separate entry for each Client Secret and Certificate expiry. Review and remove duplicates.

Reference: https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/scripts/powershell-export-all-enterprise-apps-secrets-and-certs?


Connect-AzureAD
$Applications   = Get-AzureADApplication -All $true
$EnterpriseApps = Get-AzureADServicePrincipal -All $true
$Logs = @()
foreach ($Eapp in $EnterpriseApps) {
    $AppName = $Eapp.DisplayName
    $AppID   = $Eapp.ObjectId
    $ApplID  = $Eapp.AppId
    #$AppCreds = Get-AzureADApplication -ObjectId $AppID | Select-Object PasswordCredentials, KeyCredentials
    $AppCreds = Get-AzureADServicePrincipal -ObjectId $AppID | Select-Object PasswordCredentials, KeyCredentials
    $secret = $AppCreds.PasswordCredentials   # client secrets
    $cert   = $AppCreds.KeyCredentials        # certificates

    # Resolve the owner once per service principal rather than once per credential
    $Owner    = Get-AzureADServicePrincipalOwner -ObjectId $Eapp.ObjectId
    $Username = $Owner.UserPrincipalName -join ";"
    $OwnerID  = $Owner.ObjectId -join ";"
    if ($Owner.UserPrincipalName -eq $null) {
        $Username = $Owner.DisplayName + " **<This is an Application>**"
    }
    if ($Owner.DisplayName -eq $null) {
        $Username = "<<No Owner>>"
    }
    ############################################
    # Placeholder row so every app appears in the export even with no credentials;
    # these blank-dated rows are the extra entries to review and remove
    $Log = New-Object System.Object
    $Log | Add-Member -MemberType NoteProperty -Name "ApplicationName" -Value $AppName
    $Log | Add-Member -MemberType NoteProperty -Name "ApplicationID" -Value $ApplID
    $Log | Add-Member -MemberType NoteProperty -Name "Secret Start Date" -Value $null
    $Log | Add-Member -MemberType NoteProperty -Name "Secret End Date" -Value $null
    $Log | Add-Member -MemberType NoteProperty -Name "Certificate Start Date" -Value $null
    $Log | Add-Member -MemberType NoteProperty -Name "Certificate End Date" -Value $null
    $Log | Add-Member -MemberType NoteProperty -Name "Owner" -Value $null
    $Log | Add-Member -MemberType NoteProperty -Name "Owner_ObjectID" -Value $null
    $Logs += $Log
    ############################################
    # One row per client secret
    foreach ($s in $secret) {
        $StartDate = $s.StartDate
        $EndDate   = $s.EndDate
        #$operation = $EndDate - $now
        #$ODays = $operation.Days
        $Log = New-Object System.Object
        $Log | Add-Member -MemberType NoteProperty -Name "ApplicationName" -Value $AppName
        $Log | Add-Member -MemberType NoteProperty -Name "ApplicationID" -Value $ApplID
        $Log | Add-Member -MemberType NoteProperty -Name "Secret Start Date" -Value $StartDate
        $Log | Add-Member -MemberType NoteProperty -Name "Secret End Date" -Value $EndDate
        $Log | Add-Member -MemberType NoteProperty -Name "Certificate Start Date" -Value $null
        $Log | Add-Member -MemberType NoteProperty -Name "Certificate End Date" -Value $null
        $Log | Add-Member -MemberType NoteProperty -Name "Owner" -Value $Username
        $Log | Add-Member -MemberType NoteProperty -Name "Owner_ObjectID" -Value $OwnerID
        $Logs += $Log
    }

    # One row per certificate; same column set as the secret rows so the CSV stays rectangular
    foreach ($c in $cert) {
        $CStartDate = $c.StartDate
        $CEndDate   = $c.EndDate
        #$COperation = $CEndDate - $now
        #$CODays = $COperation.Days
        $Log = New-Object System.Object
        $Log | Add-Member -MemberType NoteProperty -Name "ApplicationName" -Value $AppName
        $Log | Add-Member -MemberType NoteProperty -Name "ApplicationID" -Value $ApplID
        $Log | Add-Member -MemberType NoteProperty -Name "Secret Start Date" -Value $null
        $Log | Add-Member -MemberType NoteProperty -Name "Secret End Date" -Value $null
        $Log | Add-Member -MemberType NoteProperty -Name "Certificate Start Date" -Value $CStartDate
        $Log | Add-Member -MemberType NoteProperty -Name "Certificate End Date" -Value $CEndDate
        $Log | Add-Member -MemberType NoteProperty -Name "Owner" -Value $Username
        $Log | Add-Member -MemberType NoteProperty -Name "Owner_ObjectID" -Value $OwnerID
        $Logs += $Log
    }
}
# Original line was missing the space before -NoTypeInformation, which made the file name invalid
$Logs | Export-Csv -Path EAppsCertExpiry.csv -NoTypeInformation -Encoding UTF8

Thanks
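As an added example (not part of the Microsoft script or the answer above), here is a small PowerShell function that takes the rows that script exports, skips the blank placeholder entries, computes the days remaining on each secret or certificate, and flags the ones that are expired or close to expiry. The sample rows and the GUID placeholders are constructed here; against a real export you would feed it `Import-Csv .\EAppsCertExpiry.csv` instead.

```powershell
# Added example (not part of the script above): flag expired / expiring credentials
# from the rows that script exports. Sample rows below are constructed, not tenant data.
function Get-CredentialExpiryStatus {
    param(
        [Parameter(Mandatory, ValueFromPipeline)] $Row,   # one exported row
        [int]$WarnDays = 30,                               # warn when this close to expiry
        [datetime]$Now = (Get-Date)                        # injectable for repeatable output
    )
    process {
        # Each row carries either a secret end date or a certificate end date
        $pairs = @(
            @{ Type = 'Secret';      End = $Row.'Secret End Date' },
            @{ Type = 'Certificate'; End = $Row.'Certificate End Date' }
        )
        foreach ($p in $pairs) {
            # Skip the blank placeholder rows and the column this row does not use
            if ([string]::IsNullOrEmpty($p.End)) { continue }
            $end  = [datetime]$p.End
            $days = [int][math]::Floor(($end - $Now).TotalDays)
            $status = if ($days -lt 0) { 'Expired' } elseif ($days -le $WarnDays) { 'ExpiringSoon' } else { 'OK' }
            [pscustomobject]@{
                ApplicationName = $Row.ApplicationName
                ApplicationID   = $Row.ApplicationID
                CredentialType  = $p.Type
                EndDate         = $end
                DaysRemaining   = $days
                Status          = $status
                Owner           = $Row.Owner
            }
        }
    }
}

# Constructed sample rows using the same column names as EAppsCertExpiry.csv
$sample = @(
    [pscustomobject]@{ ApplicationName='App A'; ApplicationID='<placeholder-guid-1>'; 'Secret End Date'='2021-02-20'; 'Certificate End Date'=$null; Owner='alice@contoso.example' }
    [pscustomobject]@{ ApplicationName='App B'; ApplicationID='<placeholder-guid-2>'; 'Secret End Date'=$null; 'Certificate End Date'='2021-01-15'; Owner='<<No Owner>>' }
    [pscustomobject]@{ ApplicationName='App C'; ApplicationID='<placeholder-guid-3>'; 'Secret End Date'=$null; 'Certificate End Date'='2022-05-01'; Owner='bob@contoso.example' }
    [pscustomobject]@{ ApplicationName='App C'; ApplicationID='<placeholder-guid-3>'; 'Secret End Date'=$null; 'Certificate End Date'=$null; Owner=$null }  # placeholder row
)
# Replace $sample with (Import-Csv .\EAppsCertExpiry.csv) to run against a real export
$sample | Get-CredentialExpiryStatus -WarnDays 30 -Now ([datetime]'2021-02-09') |
    Where-Object Status -ne 'OK' |
    Sort-Object DaysRemaining |
    Format-Table ApplicationName, CredentialType, EndDate, DaysRemaining, Status, Owner
```

With the sample data and the fixed reference date, App B's certificate is reported as Expired (-25 days) and App A's secret as ExpiringSoon (11 days); App C and the placeholder row produce no findings.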