From 70056a7f468c8112589815ede32f83be71116b74 Mon Sep 17 00:00:00 2001 From: Dave Wyatt Date: Fri, 7 Aug 2015 10:34:10 -0400 Subject: [PATCH] Added support for PFX files with passwords --- .../StackExchange_CertificateStore.psm1 | 34 +++++++++++++++---- .../StackExchange_CertificateStore.schema.mof | 6 ++-- StackExchangeResources.psd1 | 2 +- 3 files changed, 31 insertions(+), 11 deletions(-) diff --git a/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.psm1 b/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.psm1 index 4f063fd..3182735 100644 --- a/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.psm1 +++ b/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.psm1 @@ -1,5 +1,3 @@ - - function Get-TargetResource { [OutputType([Hashtable])] @@ -70,7 +68,10 @@ function Set-TargetResource [parameter()] [ValidateSet('Present','Absent')] [string] - $Ensure = 'Present' + $Ensure = 'Present', + [parameter()] + [pscredential] + $Password ) $CertificateBaseLocation = "cert:\$Location\$Store" @@ -78,7 +79,14 @@ function Set-TargetResource if ($Ensure -like 'Present') { Write-Verbose "Adding $path to $CertificateBaseLocation." - Import-PfxCertificate -CertStoreLocation $CertificateBaseLocation -FilePath $Path + + $passwordSplat = @{} + if ($Password) + { + $passwordSplat['Password'] = $Password.Password + } + + Import-PfxCertificate -CertStoreLocation $CertificateBaseLocation -FilePath $Path @passwordSplat } else { @@ -110,7 +118,10 @@ function Test-TargetResource [parameter()] [ValidateSet('Present','Absent')] [string] - $Ensure = 'Present' + $Ensure = 'Present', + [parameter()] + [pscredential] + $Password ) $IsValid = $false @@ -123,7 +134,18 @@ function Test-TargetResource if (Test-Path $CertificateLocation) { Write-Verbose "Found a matching certficate at $CertificateLocation" - $IsValid = $true + + $cert = Get-Item $CertificateLocation + + if ($cert.HasPrivateKey) + { + Write-Verbose "Certficate at $CertificateLocation has a private key installed." + $IsValid = $true + } + else + { + Write-Verbose "Certficate at $CertificateLocation does not have a private key installed." + } } else { diff --git a/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.schema.mof b/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.schema.mof index b08023e..12978bd 100644 --- a/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.schema.mof +++ b/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.schema.mof @@ -1,4 +1,4 @@ -[ClassVersion("1.0"), FriendlyName("CertificateStore")] +[ClassVersion("1.1"), FriendlyName("CertificateStore")] class StackExchange_CertificateStore : OMI_BaseResource { [Key] string Name; @@ -6,7 +6,5 @@ class StackExchange_CertificateStore : OMI_BaseResource [write,ValueMap{"LocalMachine", "CurrentUser"},Values{"LocalMachine", "CurrentUser"}] string Location; [write] string Store; [write,ValueMap{"Present", "Absent"},Values{"Present", "Absent"}] string Ensure; +[write,EmbeddedInstance("MSFT_Credential")] string Password; }; - - - diff --git a/StackExchangeResources.psd1 b/StackExchangeResources.psd1 index aabce29..e61e8ac 100644 --- a/StackExchangeResources.psd1 +++ b/StackExchangeResources.psd1 @@ -12,7 +12,7 @@ # RootModule = '' # Version number of this module. -ModuleVersion = '1.9.10.0' +ModuleVersion = '1.9.11.0' # ID used to uniquely identify this module GUID = '7cec8ec5-91d8-435e-8136-51088d62fbed'