diff --git a/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.psm1 b/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.psm1 index 4f063fd..18cc72f 100644 --- a/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.psm1 +++ b/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.psm1 @@ -70,21 +70,45 @@ function Set-TargetResource [parameter()] [ValidateSet('Present','Absent')] [string] - $Ensure = 'Present' + $Ensure = 'Present', + [parameter()] + [string] + $Password ) $CertificateBaseLocation = "cert:\$Location\$Store" if ($Ensure -like 'Present') - { - Write-Verbose "Adding $path to $CertificateBaseLocation." - Import-PfxCertificate -CertStoreLocation $CertificateBaseLocation -FilePath $Path + { + write-verbose "Is Password Null: $($password -eq $null)" + + if ($password -ne $null){ + write-verbose "Import PFX Cert using password" + if ((Get-WmiObject Win32_OperatingSystem | select -ExpandProperty Version) -eq "6.3.9600"){ + write-verbose "Windows 2012 detected" + $SPassword = ($Password | ConvertTo-SecureString -AsPlainText -Force) + Import-PfxCertificate -CertStoreLocation $CertificateBaseLocation -FilePath $Path -Password $SPassword + }else{ + write-verbose "Windows 2008 detected" + certutil -f -importpfx -p $Password $Path + } + }else + { + write-verbose "Import PFX Cert without using password" + if ((Get-WmiObject Win32_OperatingSystem | select -ExpandProperty Version) -eq "6.3.9600"){ + write-verbose "Windows 2012 detected" + Import-PfxCertificate -CertStoreLocation $CertificateBaseLocation -FilePath $Path + }else{ + write-verbose "Windows 2008 detected" + certutil -f -importpfx $Path + } + } } else { $CertificateLocation = Join-path $CertificateBaseLocation $Name - Write-Verbose "Removing $CertificateLocation." - dir $CertificateLocation | Remove-Item -Force -Confirm:$false + Write-Verbose "Removing $name from $CertificateBaseLocation." + gci $CertificateBaseLocation | ?{$_.Subject -match $name.Replace('*','')} | Remove-Item -Force -Confirm:$false } } @@ -110,36 +134,39 @@ function Test-TargetResource [parameter()] [ValidateSet('Present','Absent')] [string] - $Ensure = 'Present' + $Ensure = 'Present', + [parameter()] + [string] + $Password ) $IsValid = $false - - $CertificateLocation = "cert:\$Location\$Store\$Name" + + $CertificateBaseLocation = "cert:\$Location\$Store\" if ($Ensure -like 'Present') { - Write-Verbose "Checking for $Name to be present in the $location store under $store." - if (Test-Path $CertificateLocation) + Write-Verbose "Checking for $Name to be present in the $CertificateBaseLocation store under $store." + if (gci $CertificateBaseLocation | ?{$_.Subject -match $name.Replace('*','')}) { - Write-Verbose "Found a matching certficate at $CertificateLocation" + Write-Verbose "Found a matching certficate at $CertificateBaseLocation" $IsValid = $true } else { - Write-Verbose "Unable to find a matching certficate at $CertificateLocation" + Write-Verbose "Unable to find a matching certficate at $CertificateBaseLocation" } } else { - Write-Verbose "Checking for $Name to be absent in the $location store under $store." - if (Test-Path $CertificateLocation) + Write-Verbose "Checking for $Name to be absent in the $CertificateBaseLocation store under $store." + if (gci $CertificateBaseLocation | ?{$_.Subject -match $name.Replace('*','')}) { - Write-Verbose "Found a matching certficate at $CertificateLocation" + Write-Verbose "Found a matching certficate at $CertificateBaseLocation" } else { - Write-Verbose "Unable to find a matching certficate at $CertificateLocation" + Write-Verbose "Unable to find a matching certficate at $CertificateBaseLocation" $IsValid = $true } } diff --git a/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.schema.mof b/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.schema.mof index b08023e..e87a991 100644 Binary files a/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.schema.mof and b/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.schema.mof differ