setting a FriendlyName for a Windows certificate (#9)

* setting a FriendlyName for a Windows certificate * updates per PR review * more updates
PlayFab · May 22, 2024 · dd21ac9 · dd21ac9
1 parent 1d7c96d
commit dd21ac9
Show file tree

Hide file tree

Showing 2 changed files with 45 additions and 0 deletions.
diff --git a/windows_set_certificate_friendlyname/PF_StartupScript.ps1 b/windows_set_certificate_friendlyname/PF_StartupScript.ps1
@@ -0,0 +1,39 @@
+<#
+.SYNOPSIS
+  <Overview of script>
+.DESCRIPTION
+  <Brief description of script>
+.NOTES
+  Version:        1.0
+  Author:         <Name>
+  Creation Date:  <Date>
+  Purpose/Change: Initial script development
+#>
+
+# Set Error Action to Stop
+$ErrorActionPreference = "Stop"
+
+# Grab the script path 
+$scriptPath = split-path -parent $MyInvocation.MyCommand.Definition
+echo "the current script path is $scriptPath"
+
+# these are some of the env variables that are available to you
+echo "PlayFab Title ID is $env:PF_TITLE_ID" # e.g. 59F84
+echo "PlayFab Build ID is $env:PF_BUILD_ID" # Guid, e.g. 09d91059-22d3-4d0a-8c99-f34f80525aae
+echo "PlayFab Virtual Machine ID is $env:PF_VM_ID" # e.g. vmss:SouthCentralUs:2458795A9259968E_12fe54be-fae1-41aa-83d9-09b809d5ef01:09d91059-22d3-4d0a-8c99-f34f80525aae
+echo "Region where the VM is deployed is $env:PF_REGION" # e.g. SouthCentralUs
+echo "Shared content folder is $env:PF_SHARED_CONTENT_FOLDER_VM" # e.g. D:\sharedcontentfolder (All servers running on this VM have access to this folder through the PF_SHARED_CONTENT_FOLDER env variable.)
+
+# ACTION: Specify the correct subject name for your certificate
+$subjectName = "DC=..., O=..., OU=..., CN=..."
+
+# Find the certificate by subject name in the machine store
+$cert = Get-ChildItem -Path Cert:\LocalMachine\My | Where-Object { $_.SubjectName.Name -eq $subjectName }
+
+if ($cert) {
+    # ACTION: specify a proper friendly name for your certificate
+    $cert.FriendlyName = "My cert friendly name"
+    Write-Host "Friendly name set to 'My cert friendly name' for the certificate with subject name: $subjectName"
+} else {
+    Write-Host "Certificate with subject name '$subjectName' not found."
+}
diff --git a/windows_set_certificate_friendlyname/README.md b/windows_set_certificate_friendlyname/README.md
@@ -0,0 +1,6 @@
+# Windows - set certificate with friendly name
+
+The FriendlyName property is a Windows-only piece of metadata that can be included in a PFX certificate file. This field may get removed from any certificate uploaded as part of an PlayFab Build. In most cases this is acceptable--the FriendlyName is only supposed to help a human user identify a certificate when looking though a computer's certificate store.
+Some programs, however, search for certificates using their FriendlyNames. If changing the program to search for the certificate using a more standard method (e.g. Subject, Thumbprint, etc) isn't possible, you can use this script to set the FriendlyName on startup.
+
+**NOTE**: This script is applicable only to Windows process-based Builds. In this case, certs are deployed to the local machine store of the VM so the VmStartupScript can access them and set the friendly name. If you are running Builds using Windows containers, you can use a similar script on your StartGameCommand (before you start your game server).