DSCResources/ArcGIS_TLSCertificateFileImport/ArcGIS_TLSCertificateFileImport.psm1
|
<# .SYNOPSIS Imports a SSL certificate to specified store location on local machines. .PARAMETER Ensure Take the values Present or Absent. - "Present" ensures the certificate is imported local machines specified store location. - "Absent" not implemented. .PARAMETER CertificatePath Certificate Path from where to fetch the certificate to be installed. .PARAMETER StoreLocation Location of the Store where the SSL Certificate will be imported .PARAMETER StoreName Store Name in the Store Location where the SSL Certificate will be imported .PARAMETER CertificatePassword Credential to the Access the link to import Certificates into Trusted Store. #> function Get-TargetResource { [CmdletBinding()] [OutputType([System.Collections.Hashtable])] param ( [parameter(Mandatory = $true)] [System.String] $CertificatePath, [parameter(Mandatory = $true)] [System.String] $StoreLocation = 'LocalMachine', [parameter(Mandatory = $true)] [System.String] $StoreName = 'Root', [parameter(Mandatory = $false)] [System.Management.Automation.PSCredential] $CertificatePassword ) $null } function Test-TargetResource { [CmdletBinding()] [OutputType([System.Boolean])] param ( [parameter(Mandatory = $true)] [System.String] $CertificatePath, [ValidateSet("Present","Absent")] [System.String] $Ensure, [parameter(Mandatory = $true)] [System.String] $StoreLocation = 'LocalMachine', [parameter(Mandatory = $true)] [System.String] $StoreName = 'Root', [parameter(Mandatory = $false)] [System.Management.Automation.PSCredential] $CertificatePassword ) $result = $false if($CertificatePassword -and (Test-Path $CertificatePath)) { $Cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $CertificatePath, $CertificatePassword.GetNetworkCredential().Password $Thumbprint = $Cert.Thumbprint if(-not(Test-Path "Cert:\$StoreLocation\$StoreName\$($Thumbprint)")) { Write-Verbose "Certificate with thumprint '$Thumbprint' does not exist. Import certificate from $CertificatePath in Store:- $StoreName into StoreLocation:- $StoreLocatio" }else { Write-Verbose "Certificate with thumprint '$Thumbprint' already exists in Store:- $StoreName in StoreLocation:- $StoreLocation" $result = $true } } if($Ensure -ieq 'Present') { $result } elseif($Ensure -ieq 'Absent') { (-not($result)) } } function Set-TargetResource { [CmdletBinding()] param ( [parameter(Mandatory = $true)] [System.String] $CertificatePath, [ValidateSet("Present","Absent")] [System.String] $Ensure, [parameter(Mandatory = $true)] [System.String] $StoreLocation = 'LocalMachine', [parameter(Mandatory = $true)] [System.String] $StoreName = 'Root', [parameter(Mandatory = $false)] [System.Management.Automation.PSCredential] $CertificatePassword ) if($CertificatePassword -and (Test-Path $CertificatePath)) { $Cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $CertificatePath, $CertificatePassword.GetNetworkCredential().Password $Thumbprint = $Cert.Thumbprint if($Ensure -ieq 'Present') { if(-not(Test-Path "Cert:\$StoreLocation\$StoreName\$($Thumbprint)")) { Write-Verbose "Certificate with thumprint '$Thumbprint' does not exist. Import certificate from $CertificatePath to store:- $StoreName in store location:- $StoreLocation" $CertStore = New-Object -TypeName System.Security.Cryptography.X509Certificates.X509Store $StoreName, $StoreLocation $CertStore.Open("MaxAllowed") $CertStore.Add($Cert) $CertStore.Close() Write-Verbose "Imported Certificate with thumprint '$Thumbprint' to store:- $StoreName in store location:- $StoreLocation" }else { Write-Verbose "Certificate with thumprint '$Thumbprint' already exists in Store:- $StoreName in StoreLocation:- $StoreLocation" } }else { Write-Verbose "Ensure ='Absent' not implemented" } } } Export-ModuleMember -Function *-TargetResource |