Import-NetworkControllerRestCertificate.ps1


<#PSScriptInfo
 
.VERSION 1.0
 
.GUID 834b868e-bc54-4ad7-baf7-1d8be4970e32
 
.AUTHOR sbagga
 
.COMPANYNAME
 
.COPYRIGHT
 
.TAGS
 
.LICENSEURI
 
.PROJECTURI
 
.ICONURI
 
.EXTERNALMODULEDEPENDENCIES
 
.REQUIREDSCRIPTS
 
.EXTERNALSCRIPTDEPENDENCIES
 
.RELEASENOTES
 
 
.PRIVATEDATA
 
#>


<#
 
.DESCRIPTION
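 This script retrieves the certificate presented by the Network Controller REST URI and adds it to the Trusted Root certificate store (Cert:\LocalMachine\Root) of the WAC gateway. The certificate is accepted as presented by the endpoint during the TLS handshake, so its thumbprint should be confirmed against the Network Controller's actual certificate.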
 
#>
 
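param
(
    # URI of the Network Controller REST endpoint whose certificate is imported.
    [Parameter(Mandatory = $true)]
    [ValidateNotNullorEmpty()]
    [String] $connectionUri,

    # Optional thumbprint of the certificate the endpoint is expected to present,
    # obtained out of band. When supplied, a certificate with any other thumbprint
    # is refused instead of being added to the machine's trusted roots.
    [Parameter(Mandatory = $false)]
    [String] $expectedThumbprint = ''
)
# Import Network Controller Module
# NOTE(review): nothing below calls a NetworkController cmdlet; the import is kept
# so the script behaves as before on hosts with or without the module - confirm it is needed.
Import-Module NetworkController -Force

# Fetch the certificate presented by the REST endpoint and, if it is not already
# present, add it to Cert:\LocalMachine\Root.
Try
{
  $certData = $null
  $request = $null
  $response = $null

  # trigger REST query
  try {
    Write-Host "Creating a request to $($connectionUri)..."
    $request = [System.Net.WebRequest]::Create($connectionUri)
    $response = $request.GetResponse()
  } catch {
    # The certificate is read only when the request fails - presumably because the
    # endpoint certificate is not trusted yet. GetResponse() also throws for HTTP
    # error statuses and for connection failures, so guard against there being no
    # certificate instead of calling Export() on a null reference.
    if ($null -ne $request -and $null -ne $request.ServicePoint -and $null -ne $request.ServicePoint.Certificate) {
      $certData = $request.ServicePoint.Certificate.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Cert)
    } else {
      Write-Host "Request to $($connectionUri) failed before a certificate was received: $($_.Exception.Message)"
    }
  } finally {
    # Release the connection when the request unexpectedly succeeded.
    if ($null -ne $response) {
      $response.Close()
    }
  }

  if($null -eq $certData) {
    # ignore and move on if no certificate data was found
    Write-Host "Certificate not found in the request, exiting."
    return
  }

  #convert x509 cert into x509cert2
  $x509Cert2 = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($certData)
  $existingCerts = @(Get-ChildItem Cert:\LocalMachine\Root | Where-Object { $_.Thumbprint -eq $x509Cert2.Thumbprint })
  if ($existingCerts.Count -ge 1) {
    #a cert was found, bail out
    Write-Host "Certificate found with thumbprint $($x509Cert2.Thumbprint), skipping import."
    return
  }

  # The certificate comes straight from the remote endpoint and no chain or identity
  # validation is performed on it. Adding it to LocalMachine\Root makes it a trust
  # anchor for the whole machine, so compare it with the operator-supplied thumbprint
  # when there is one and say so loudly when there is not.
  $pinnedThumbprint = $expectedThumbprint -replace '\s', ''
  if (-not [string]::IsNullOrEmpty($pinnedThumbprint)) {
    if ($x509Cert2.Thumbprint -ne $pinnedThumbprint) {
      throw "Certificate presented by $($connectionUri) has thumbprint $($x509Cert2.Thumbprint), which does not match the expected thumbprint; refusing to import."
    }
  } else {
    Write-Warning "No expected thumbprint was supplied; the certificate presented by $($connectionUri) is being added to LocalMachine\Root without independent verification."
  }

  Write-Host "Importing certificate with thumbprint $($x509Cert2.Thumbprint)..."
  $store = [System.Security.Cryptography.X509Certificates.X509Store]::new([System.Security.Cryptography.X509Certificates.StoreName]::Root, [System.Security.Cryptography.X509Certificates.StoreLocation]::LocalMachine)
  try {
    # Ask for write access explicitly so a missing privilege fails at Open().
    $store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite)
    $store.Add($x509Cert2)
  } finally {
    # Close the store handle even when Open() or Add() throws.
    $store.Close()
  }

  Write-Host "Certificate with thumbprint $($x509Cert2.Thumbprint)...included"
  #import completed successfully
}
Catch
{
  # Surface the failure on the host, then rethrow so the caller sees it as an error.
  Write-Host $_
  Write-Host $_.Exception
  throw $_
}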