From 4cdcb6c9f5bf68197835b282a8ffc651ac53fca6 Mon Sep 17 00:00:00 2001 From: Daniel Merchant Date: Tue, 5 Mar 2024 16:32:57 +0000 Subject: [PATCH 1/7] Allow setting the hash algorithm and validity period for self-signed certificates --- bin/dbatools-index.json | Bin 8878218 -> 8880056 bytes dbatools.psd1 | 2 +- public/New-DbaComputerCertificate.ps1 | 20 ++++++++++++-- tests/New-DbaComputerCertificate.Tests.ps1 | 29 ++++++++++++++++++++- 4 files changed, 47 insertions(+), 4 deletions(-) diff --git a/bin/dbatools-index.json b/bin/dbatools-index.json index 4d887d20fb40abda622f175852da3e5f5ab32811..b0ed88a012dd20e281e5026b988de5c6041a13a7 100644 GIT binary patch delta 859 zcmZY5$xl;J6bA5Hc*Rnrwg?tvdI-uO))pv5CYe+ap|xdjLaj0sWGH1&oG9|4Q5O)K zcsG)`(T!UZj2qp#QKBoixY4*W^&il$tqO^YU*5U*-Sh7G-h=R}^6J;B5`+eEh=&3# z60i+ABtnlQY)3K-*a0IMmjRE8=1&LHgb>)6?xc$d=y|W_Ms3(C`JkP zqZ9{V!9iGILmA3Z0Xr(;Kot(58a1dz9qMry4QNCYn$dzIIErIvMH`Nz9VgI%&X>;D zi!z}%wJ2f-#3}HgJMDi zWH{)w%eeV?RT=|r25FqpD)QrJhvM<@v{#e~yQmbULXCENMY*UF6YI*^N}O^Q@$4$(k+w3l?8!y{0ufU1+5sR%j#Bd8MYav@tfe|GB0jWGT}B4XED? z_*P%9B#w(|c1(#L`Q}3~Pg)a9CDLD8koEXsu2HVEWa{MmZ_TNRV@w%6Du1}04(YeM zQ)HJ}o04SVbgCE-7XFXPCz_1-N@11ecjft^s;}vFv&=p$MmfDIW}+X6tW>5_#T>i5 zBEY*^G--PA+9bc#;X89GbnsE^Lm1-eLHxw)ff$q>EftJ=>%Xh24{{}oD9q9l7 delta 401 zcmWN=MNUHj07cONA1&_g?(VKdi@Uq?afd=L5*E-|cR^CZju^56cqchue=g(W*Jar8 zz!NVFyz#*oKl};6LLfl|6GA9qgcCs|QA86%EOEq>Kq5&blR_$Kq?17=S!9z#E_vir zKp{mGQ$i_alv6<^Ra8?$Ep^n>KqE~w(?Tn4w9`Q+U3Alfm0tSjXMjP5K5gF)w`n!r zEpMjNro%d-qdKPJI-!#~rPDg2vpT2qx}b}?q|3UZtGcG^x}lr8rQ5orySk_QdZ34T qq^2J0iJt12p6i8P>XlyWjo#{=-s^)ts$HM-SsjYLxJ~D)_2(ZAC#?Yh diff --git a/dbatools.psd1 b/dbatools.psd1 index 11bee38423..b13cdffb0c 100644 --- a/dbatools.psd1 +++ b/dbatools.psd1 @@ -29,7 +29,7 @@ Description = "The community module that enables SQL Server Pros to automate database development and server administration" # Modules that must be imported into the global environment prior to importing this module - RequiredModules = @{ ModuleName = 'dbatools.library'; ModuleVersion = '2023.9.21' } + #RequiredModules = @{ ModuleName = 'dbatools.library'; ModuleVersion = '2023.9.21' } # Assemblies that must be loaded prior to importing this module RequiredAssemblies = @() diff --git a/public/New-DbaComputerCertificate.ps1 b/public/New-DbaComputerCertificate.ps1 index 2df62deff5..e6e8ba8f11 100644 --- a/public/New-DbaComputerCertificate.ps1 +++ b/public/New-DbaComputerCertificate.ps1 @@ -78,6 +78,12 @@ function New-DbaComputerCertificate { .PARAMETER SelfSigned Creates a self-signed certificate. All other parameters can still apply except CaServer and CaName because the command does not go and get the certificate signed. + .PARAMETER HashAlgorithm + Specifies hashing algorithm for self-signed certificate. Must be one of the values Sha256, sha384, sha512, sha1, md5, md4, md2. + + .PARAMETER MonthsValid + Allows you to specify the number of months a self-signed certificate will be valid for. e.g a value of 60 will generate a certificate vaild until 5 years (60 months) time. + .PARAMETER EnableException By default, when something goes wrong we try to catch it, interpret it and give you a friendly warning message. This avoids overwhelming you with "sea of red" exceptions, but is inconvenient because it basically disables advanced scripting. @@ -129,6 +135,11 @@ function New-DbaComputerCertificate { Creates a self-signed certificate + .EXAMPLE + PS C:\> New-DbaComputerCertificate -SelfSigned -HashAlgorithm Sha256 -MonthsValid 60 + + Creates a self-signed certificate using the SHA256 hashing algorithm that does not expire for 5 years + #> [CmdletBinding(SupportsShouldProcess, ConfirmImpact = "Low")] [Diagnostics.CodeAnalysis.SuppressMessageAttribute("PSUseOutputTypeCorrectly", "", Justification = "PSSA Rule Ignored by BOH")] @@ -150,7 +161,10 @@ function New-DbaComputerCertificate { [string[]]$Flag = @("Exportable", "PersistKeySet"), [string[]]$Dns, [switch]$SelfSigned, - [switch]$EnableException + [switch]$EnableException, + [ValidateSet("Sha256", "sha384", "sha512", "sha1", "md5", "md4", "md2")] + [string]$HashAlgorithm = "sha1", + [int]$MonthsValid = 12 ) begin { if ("NonExportable" -in $Flag) { @@ -338,6 +352,9 @@ function New-DbaComputerCertificate { } else { Add-Content $certCfg "RequestType = PKCS10" } + Add-Content $certCfg "NotBefore = $((get-date).ToShortDateString())" + Add-Content $certCfg "NotAfter = $((get-date).AddMonths($MonthsValid).ToShortDateString())" + Add-Content $certCfg "HashAlgorithm = $HashAlgorithm" Add-Content $certCfg "KeyUsage = 0xa0" Add-Content $certCfg "[EnhancedKeyUsageExtension]" Add-Content $certCfg "OID=1.3.6.1.5.5.7.3.1" @@ -345,7 +362,6 @@ function New-DbaComputerCertificate { Add-Content $certCfg $san Add-Content $certCfg "Critical=2.5.29.17" - if ($PScmdlet.ShouldProcess("local", "Creating certificate for $computer")) { Write-ProgressHelper -StepNumber ($stepCounter++) -Message "Running: certreq -new $certCfg $certCsr" $create = certreq -new $certCfg $certCsr diff --git a/tests/New-DbaComputerCertificate.Tests.ps1 b/tests/New-DbaComputerCertificate.Tests.ps1 index 6f86ec5fdc..5c2c141136 100644 --- a/tests/New-DbaComputerCertificate.Tests.ps1 +++ b/tests/New-DbaComputerCertificate.Tests.ps1 @@ -5,7 +5,7 @@ Write-Host -Object "Running $PSCommandPath" -ForegroundColor Cyan Describe "$CommandName Unit Tests" -Tag 'UnitTests' { Context "Validate parameters" { [object[]]$params = (Get-Command $CommandName).Parameters.Keys | Where-Object { $_ -notin ('whatif', 'confirm') } - [object[]]$knownParameters = 'ComputerName', 'Credential', 'CaServer', 'CaName', 'ClusterInstanceName', 'SecurePassword', 'FriendlyName', 'CertificateTemplate', 'KeyLength', 'Store', 'Folder', 'Flag', 'Dns', 'SelfSigned', 'EnableException' + [object[]]$knownParameters = 'ComputerName', 'Credential', 'CaServer', 'CaName', 'ClusterInstanceName', 'SecurePassword', 'FriendlyName', 'CertificateTemplate', 'KeyLength', 'Store', 'Folder', 'Flag', 'Dns', 'SelfSigned', 'EnableException', "HashAlgorithm", "MonthsValid" $knownParameters += [System.Management.Automation.PSCmdlet]::CommonParameters It "Should only contain our specific parameters" { (@(Compare-Object -ReferenceObject ($knownParameters | Where-Object { $_ }) -DifferenceObject $params).Count ) | Should Be 0 @@ -28,6 +28,33 @@ if (-not $env:appveyor) { It "returns the right FriendlyName" { "$($cert.FriendlyName)" -match 'SQL Server' | Should Be $true } + It "Returns the right default encryption algorithm" { + "$(($cert | select-object @{n="SignatureAlgorithm";e={$_.SignatureAlgorithm.FriendlyName}})).SignatureAlgorithm)" -match 'sha1RSA' | Should Be $true + } + It "Returns the right default one year expiry date" { + $cert.NotAfter -match ((Get-Date).Date).AddMonths(12) | Should Be $true + } + } + } +} + + + +if (-not $env:appveyor) { + Describe "$CommandName Integration Tests" -Tags "IntegrationTests" { + Context "Can generate a new certificate with correct settings" { + BeforeAll { + $cert = New-DbaComputerCertificate -SelfSigned -EnableException -HashAlgorithm "Sha256" -MonthsValid 60 + } + AfterAll { + Remove-DbaComputerCertificate -Thumbprint $cert.Thumbprint -Confirm:$false + } + It "Returns the right encryption algorithm" { + "$(($cert | select-object @{n="SignatureAlgorithm";e={$_.SignatureAlgorithm.FriendlyName}})).SignatureAlgorithm)" -match 'sha256RSA' | Should Be $true + } + It "Returns the right five year (60 month) expiry date" { + $cert.NotAfter -match ((Get-Date).Date).AddMonths(60) | Should Be $true + } } } } \ No newline at end of file From 641a2a8e8ce9e241825ce4a1994e6a5b25990889 Mon Sep 17 00:00:00 2001 From: Daniel Merchant Date: Tue, 5 Mar 2024 16:42:21 +0000 Subject: [PATCH 2/7] Undo module removal for development --- dbatools.psd1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dbatools.psd1 b/dbatools.psd1 index b13cdffb0c..11bee38423 100644 --- a/dbatools.psd1 +++ b/dbatools.psd1 @@ -29,7 +29,7 @@ Description = "The community module that enables SQL Server Pros to automate database development and server administration" # Modules that must be imported into the global environment prior to importing this module - #RequiredModules = @{ ModuleName = 'dbatools.library'; ModuleVersion = '2023.9.21' } + RequiredModules = @{ ModuleName = 'dbatools.library'; ModuleVersion = '2023.9.21' } # Assemblies that must be loaded prior to importing this module RequiredAssemblies = @() From b3b30494752f7cc33f89eaa3563a6da94a8b038f Mon Sep 17 00:00:00 2001 From: Daniel Merchant Date: Tue, 5 Mar 2024 17:52:36 +0000 Subject: [PATCH 3/7] Removing bin\dbatools-index.json as not required --- bin/dbatools-index.json | Bin 8880056 -> 8878218 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/bin/dbatools-index.json b/bin/dbatools-index.json index b0ed88a012dd20e281e5026b988de5c6041a13a7..4d887d20fb40abda622f175852da3e5f5ab32811 100644 GIT binary patch delta 401 zcmWN=MNUHj07cONA1&_g?(VKdi@Uq?afd=L5*E-|cR^CZju^56cqchue=g(W*Jar8 zz!NVFyz#*oKl};6LLfl|6GA9qgcCs|QA86%EOEq>Kq5&blR_$Kq?17=S!9z#E_vir zKp{mGQ$i_alv6<^Ra8?$Ep^n>KqE~w(?Tn4w9`Q+U3Alfm0tSjXMjP5K5gF)w`n!r zEpMjNro%d-qdKPJI-!#~rPDg2vpT2qx}b}?q|3UZtGcG^x}lr8rQ5orySk_QdZ34T qq^2J0iJt12p6i8P>XlyWjo#{=-s^)ts$HM-SsjYLxJ~D)_2(ZAC#?Yh delta 859 zcmZY5$xl;J6bA5Hc*Rnrwg?tvdI-uO))pv5CYe+ap|xdjLaj0sWGH1&oG9|4Q5O)K zcsG)`(T!UZj2qp#QKBoixY4*W^&il$tqO^YU*5U*-Sh7G-h=R}^6J;B5`+eEh=&3# z60i+ABtnlQY)3K-*a0IMmjRE8=1&LHgb>)6?xc$d=y|W_Ms3(C`JkP zqZ9{V!9iGILmA3Z0Xr(;Kot(58a1dz9qMry4QNCYn$dzIIErIvMH`Nz9VgI%&X>;D zi!z}%wJ2f-#3}HgJMDi zWH{)w%eeV?RT=|r25FqpD)QrJhvM<@v{#e~yQmbULXCENMY*UF6YI*^N}O^Q@$4$(k+w3l?8!y{0ufU1+5sR%j#Bd8MYav@tfe|GB0jWGT}B4XED? z_*P%9B#w(|c1(#L`Q}3~Pg)a9CDLD8koEXsu2HVEWa{MmZ_TNRV@w%6Du1}04(YeM zQ)HJ}o04SVbgCE-7XFXPCz_1-N@11ecjft^s;}vFv&=p$MmfDIW}+X6tW>5_#T>i5 zBEY*^G--PA+9bc#;X89GbnsE^Lm1-eLHxw)ff$q>EftJ=>%Xh24{{}oD9q9l7 From e32d3aab67e084147d31e180978b5417b7da3b67 Mon Sep 17 00:00:00 2001 From: Daniel Merchant Date: Tue, 5 Mar 2024 17:52:54 +0000 Subject: [PATCH 4/7] Clean up indentation --- public/New-DbaComputerCertificate.ps1 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/public/New-DbaComputerCertificate.ps1 b/public/New-DbaComputerCertificate.ps1 index e6e8ba8f11..a03dff9fe4 100644 --- a/public/New-DbaComputerCertificate.ps1 +++ b/public/New-DbaComputerCertificate.ps1 @@ -353,8 +353,8 @@ function New-DbaComputerCertificate { Add-Content $certCfg "RequestType = PKCS10" } Add-Content $certCfg "NotBefore = $((get-date).ToShortDateString())" - Add-Content $certCfg "NotAfter = $((get-date).AddMonths($MonthsValid).ToShortDateString())" - Add-Content $certCfg "HashAlgorithm = $HashAlgorithm" + Add-Content $certCfg "NotAfter = $((get-date).AddMonths($MonthsValid).ToShortDateString())" + Add-Content $certCfg "HashAlgorithm = $HashAlgorithm" Add-Content $certCfg "KeyUsage = 0xa0" Add-Content $certCfg "[EnhancedKeyUsageExtension]" Add-Content $certCfg "OID=1.3.6.1.5.5.7.3.1" From 5beeb8b5faf4294dc5841dd6e6fb55bfa328454c Mon Sep 17 00:00:00 2001 From: Daniel Merchant Date: Wed, 6 Mar 2024 09:10:46 +0000 Subject: [PATCH 5/7] Check to see if tests run in appveyor --- tests/New-DbaComputerCertificate.Tests.ps1 | 73 +++++++++++----------- 1 file changed, 36 insertions(+), 37 deletions(-) diff --git a/tests/New-DbaComputerCertificate.Tests.ps1 b/tests/New-DbaComputerCertificate.Tests.ps1 index 5c2c141136..dc00c6ed24 100644 --- a/tests/New-DbaComputerCertificate.Tests.ps1 +++ b/tests/New-DbaComputerCertificate.Tests.ps1 @@ -13,48 +13,47 @@ Describe "$CommandName Unit Tests" -Tag 'UnitTests' { } } -if (-not $env:appveyor) { - Describe "$CommandName Integration Tests" -Tags "IntegrationTests" { - Context "Can generate a new certificate" { - BeforeAll { - $cert = New-DbaComputerCertificate -SelfSigned -EnableException - } - AfterAll { - Remove-DbaComputerCertificate -Thumbprint $cert.Thumbprint -Confirm:$false - } - It "returns the right EnhancedKeyUsageList" { - "$($cert.EnhancedKeyUsageList)" -match '1\.3\.6\.1\.5\.5\.7\.3\.1' | Should Be $true - } - It "returns the right FriendlyName" { - "$($cert.FriendlyName)" -match 'SQL Server' | Should Be $true - } - It "Returns the right default encryption algorithm" { - "$(($cert | select-object @{n="SignatureAlgorithm";e={$_.SignatureAlgorithm.FriendlyName}})).SignatureAlgorithm)" -match 'sha1RSA' | Should Be $true - } - It "Returns the right default one year expiry date" { - $cert.NotAfter -match ((Get-Date).Date).AddMonths(12) | Should Be $true - } + +Describe "$CommandName Integration Tests" -Tags "IntegrationTests" { + Context "Can generate a new certificate" { + BeforeAll { + $cert = New-DbaComputerCertificate -SelfSigned -EnableException + } + AfterAll { + Remove-DbaComputerCertificate -Thumbprint $cert.Thumbprint -Confirm:$false + } + It "returns the right EnhancedKeyUsageList" { + "$($cert.EnhancedKeyUsageList)" -match '1\.3\.6\.1\.5\.5\.7\.3\.1' | Should Be $true + } + It "returns the right FriendlyName" { + "$($cert.FriendlyName)" -match 'SQL Server' | Should Be $true + } + It "Returns the right default encryption algorithm" { + "$(($cert | select-object @{n="SignatureAlgorithm";e={$_.SignatureAlgorithm.FriendlyName}})).SignatureAlgorithm)" -match 'sha1RSA' | Should Be $true + } + It "Returns the right default one year expiry date" { + $cert.NotAfter -match ((Get-Date).Date).AddMonths(12) | Should Be $true } } } -if (-not $env:appveyor) { - Describe "$CommandName Integration Tests" -Tags "IntegrationTests" { - Context "Can generate a new certificate with correct settings" { - BeforeAll { - $cert = New-DbaComputerCertificate -SelfSigned -EnableException -HashAlgorithm "Sha256" -MonthsValid 60 - } - AfterAll { - Remove-DbaComputerCertificate -Thumbprint $cert.Thumbprint -Confirm:$false - } - It "Returns the right encryption algorithm" { - "$(($cert | select-object @{n="SignatureAlgorithm";e={$_.SignatureAlgorithm.FriendlyName}})).SignatureAlgorithm)" -match 'sha256RSA' | Should Be $true - } - It "Returns the right five year (60 month) expiry date" { - $cert.NotAfter -match ((Get-Date).Date).AddMonths(60) | Should Be $true - } + + +Describe "$CommandName Integration Tests" -Tags "IntegrationTests" { + Context "Can generate a new certificate with correct settings" { + BeforeAll { + $cert = New-DbaComputerCertificate -SelfSigned -EnableException -HashAlgorithm "Sha256" -MonthsValid 60 + } + AfterAll { + Remove-DbaComputerCertificate -Thumbprint $cert.Thumbprint -Confirm:$false + } + It "Returns the right encryption algorithm" { + "$(($cert | select-object @{n="SignatureAlgorithm";e={$_.SignatureAlgorithm.FriendlyName}})).SignatureAlgorithm)" -match 'sha256RSA' | Should Be $true + } + It "Returns the right five year (60 month) expiry date" { + $cert.NotAfter -match ((Get-Date).Date).AddMonths(60) | Should Be $true } } -} \ No newline at end of file +} From 0df1a053a91b830a1f9ee46602e397181def4828 Mon Sep 17 00:00:00 2001 From: Daniel Merchant Date: Wed, 6 Mar 2024 15:55:29 +0000 Subject: [PATCH 6/7] Adding back exclustion for appveyor (they do not work from there) --- tests/New-DbaComputerCertificate.Tests.ps1 | 76 +++++++++++----------- 1 file changed, 39 insertions(+), 37 deletions(-) diff --git a/tests/New-DbaComputerCertificate.Tests.ps1 b/tests/New-DbaComputerCertificate.Tests.ps1 index dc00c6ed24..2b836a16af 100644 --- a/tests/New-DbaComputerCertificate.Tests.ps1 +++ b/tests/New-DbaComputerCertificate.Tests.ps1 @@ -13,47 +13,49 @@ Describe "$CommandName Unit Tests" -Tag 'UnitTests' { } } - -Describe "$CommandName Integration Tests" -Tags "IntegrationTests" { - Context "Can generate a new certificate" { - BeforeAll { - $cert = New-DbaComputerCertificate -SelfSigned -EnableException - } - AfterAll { - Remove-DbaComputerCertificate -Thumbprint $cert.Thumbprint -Confirm:$false - } - It "returns the right EnhancedKeyUsageList" { - "$($cert.EnhancedKeyUsageList)" -match '1\.3\.6\.1\.5\.5\.7\.3\.1' | Should Be $true - } - It "returns the right FriendlyName" { - "$($cert.FriendlyName)" -match 'SQL Server' | Should Be $true - } - It "Returns the right default encryption algorithm" { - "$(($cert | select-object @{n="SignatureAlgorithm";e={$_.SignatureAlgorithm.FriendlyName}})).SignatureAlgorithm)" -match 'sha1RSA' | Should Be $true - } - It "Returns the right default one year expiry date" { - $cert.NotAfter -match ((Get-Date).Date).AddMonths(12) | Should Be $true +#Tests do not run in appveyor +if (-not $env:appveyor) { + Describe "$CommandName Integration Tests" -Tags "IntegrationTests" { + Context "Can generate a new certificate" { + BeforeAll { + $cert = New-DbaComputerCertificate -SelfSigned -EnableException + } + AfterAll { + Remove-DbaComputerCertificate -Thumbprint $cert.Thumbprint -Confirm:$false + } + It "returns the right EnhancedKeyUsageList" { + "$($cert.EnhancedKeyUsageList)" -match '1\.3\.6\.1\.5\.5\.7\.3\.1' | Should Be $true + } + It "returns the right FriendlyName" { + "$($cert.FriendlyName)" -match 'SQL Server' | Should Be $true + } + It "Returns the right default encryption algorithm" { + "$(($cert | select-object @{n="SignatureAlgorithm";e={$_.SignatureAlgorithm.FriendlyName}})).SignatureAlgorithm)" -match 'sha1RSA' | Should Be $true + } + It "Returns the right default one year expiry date" { + $cert.NotAfter -match ((Get-Date).Date).AddMonths(12) | Should Be $true + } } } } - - - -Describe "$CommandName Integration Tests" -Tags "IntegrationTests" { - Context "Can generate a new certificate with correct settings" { - BeforeAll { - $cert = New-DbaComputerCertificate -SelfSigned -EnableException -HashAlgorithm "Sha256" -MonthsValid 60 - } - AfterAll { - Remove-DbaComputerCertificate -Thumbprint $cert.Thumbprint -Confirm:$false - } - It "Returns the right encryption algorithm" { - "$(($cert | select-object @{n="SignatureAlgorithm";e={$_.SignatureAlgorithm.FriendlyName}})).SignatureAlgorithm)" -match 'sha256RSA' | Should Be $true - } - It "Returns the right five year (60 month) expiry date" { - $cert.NotAfter -match ((Get-Date).Date).AddMonths(60) | Should Be $true +#Tests do not run in appveyor +if (-not $env:appveyor) { + Describe "$CommandName Integration Tests" -Tags "IntegrationTests" { + Context "Can generate a new certificate with correct settings" { + BeforeAll { + $cert = New-DbaComputerCertificate -SelfSigned -EnableException -HashAlgorithm "Sha256" -MonthsValid 60 + } + AfterAll { + Remove-DbaComputerCertificate -Thumbprint $cert.Thumbprint -Confirm:$false + } + It "Returns the right encryption algorithm" { + "$(($cert | select-object @{n="SignatureAlgorithm";e={$_.SignatureAlgorithm.FriendlyName}})).SignatureAlgorithm)" -match 'sha256RSA' | Should Be $true + } + It "Returns the right five year (60 month) expiry date" { + $cert.NotAfter -match ((Get-Date).Date).AddMonths(60) | Should Be $true + } } } -} +} \ No newline at end of file From c262439dc6e6e683bd68aa8073189df500de438d Mon Sep 17 00:00:00 2001 From: Daniel Merchant Date: Wed, 6 Mar 2024 15:57:14 +0000 Subject: [PATCH 7/7] EnableException should be the last parameter --- tests/New-DbaComputerCertificate.Tests.ps1 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/New-DbaComputerCertificate.Tests.ps1 b/tests/New-DbaComputerCertificate.Tests.ps1 index 2b836a16af..b687688818 100644 --- a/tests/New-DbaComputerCertificate.Tests.ps1 +++ b/tests/New-DbaComputerCertificate.Tests.ps1 @@ -45,7 +45,7 @@ if (-not $env:appveyor) { Describe "$CommandName Integration Tests" -Tags "IntegrationTests" { Context "Can generate a new certificate with correct settings" { BeforeAll { - $cert = New-DbaComputerCertificate -SelfSigned -EnableException -HashAlgorithm "Sha256" -MonthsValid 60 + $cert = New-DbaComputerCertificate -SelfSigned -HashAlgorithm "Sha256" -MonthsValid 60 -EnableException } AfterAll { Remove-DbaComputerCertificate -Thumbprint $cert.Thumbprint -Confirm:$false