Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CertificateImport: add support for certificates import via HTTP(S) #216

Open
fullenw1 opened this issue Jan 24, 2020 · 1 comment
Open

CertificateImport: add support for certificates import via HTTP(S) #216

fullenw1 opened this issue Jan 24, 2020 · 1 comment
Labels
enhancement The issue is an enhancement request. help wanted The issue is up for grabs for anyone in the community. needs investigation The issue needs to be investigated by the maintainers or/and the community.

Comments

@fullenw1
Copy link

Details of the scenario you tried and the problem that is occurring

Currently, the ImportCertificate only supports import of certificates with file shares.
However, for standalone computers this becomes complicated because you have to first create a share mapping which involves also the usage of credential.

Verbose logs showing the problem

PowerShell DSC resource MSFT_CertificateImport failed to execute Set-TargetResource functionality with error message: Certificate Pfx file 'https://FileServer/DscFileRepository/Certificates/certificate.crt' not found. (CI0006)

Suggested solution to the issue

The HTTP(S) download is already implemented in the File resource.
We could do the same by importing certificates downloaded via HTTP(S)

The DSC configuration that is used to reproduce the issue (as detailed as possible)

Datum configuration:

CertificateDsc:
  CertificateImport:
    - Path: https://FileServer/DscFileRepository/Certificates/certificate.crt
      Location: LocalMachine
      Store: My
      Ensure: Present
      FriendlyName: MyCertificate
      Thumbprint: 1C875AB1F29FC357E3F861FE1EF438E089053E2E

The operating system the target node is running

OsName               : Microsoft Windows Server 2019 Datacenter
OsOperatingSystemSKU : DatacenterServerEdition
OsArchitecture       : 64-bit
WindowsVersion       : 1809
WindowsBuildLabEx    : 17763.1.amd64fre.rs5_release.180914-1434
OsLanguage           : en-US
OsMuiLanguages       : {en-US}

Version and build of PowerShell the target node is running

Name                           Value
----                           -----
PSVersion                      5.1.17763.316
PSEdition                      Desktop
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
BuildVersion                   10.0.17763.316
CLRVersion                     4.0.30319.42000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1

Version of the DSC module that was used ('dev' if using current dev branch)

ModuleType Version    Name                                ExportedCommands
---------- -------    ----                                ----------------
Manifest   4.7.0.0    CertificateDsc
@PlagueHO PlagueHO added needs investigation The issue needs to be investigated by the maintainers or/and the community. enhancement The issue is an enhancement request. help wanted The issue is up for grabs for anyone in the community. labels Jan 24, 2020
@PlagueHO
Copy link
Member

Hi @fullenw1 - It should be possible to modify this to detect the file source as HTTP/HTTPS and download the file locally before importing it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement The issue is an enhancement request. help wanted The issue is up for grabs for anyone in the community. needs investigation The issue needs to be investigated by the maintainers or/and the community.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@PlagueHO @fullenw1