PfxImport: Cannot find an overload for "Import" and the argument count: "2"

[cmielke]

Details of the scenario you tried and the problem that is occurring

I have a PFX as base64 with no password. When I use the pfxImport resource with the Content property and a null Credential, I get the error Cannot find an overload for "Import" and the argument count: "2"

Verbose logs showing the problem

Cannot find an overload for "Import" and the argument count: "2".
    + CategoryInfo          : NotSpecified: (:) [], CimException
    + FullyQualifiedErrorId : MethodCountCouldNotFindBest
    + PSComputerName        : localhost

Exception calling "Add" with "1" argument(s): "pCertContext is an invalid handle."
    + CategoryInfo          : NotSpecified: (:) [], CimException
    + FullyQualifiedErrorId : CryptographicException
    + PSComputerName        : localhost

VERBOSE: [redacted]:                            [[PfxImport]sslImport] Set-TargetResource: Setting Certificate ''
from 'LocalMachine' store 'My' friendly name to 'redacted'. (PI0011)
VERBOSE: [CEESO-PINQ02]: LCM:  [ End    Set      ]  [[PfxImport]sslImport]  in 0.5810 seconds.
The PowerShell DSC resource '[PfxImport]sslImport' with SourceInfo '::23::9::pfxImport' threw one or more
non-terminating errors while running the Set-TargetResource functionality. These errors are logged to the ETW channel
called Microsoft-Windows-DSC/Operational. Refer to this channel for more details.
    + CategoryInfo          : InvalidOperation: (:) [], CimException
    + FullyQualifiedErrorId : NonTerminatingErrorFromProvider
    + PSComputerName        : localhost

Suggested solution to the issue

System.Security.Cryptography.X509Certificates.X509Certificate2.Import does not have an overload that takes two parameters. The Modules/CertificateDsc.Common/CertificateDsc.Common.psm1 module attempts to call the Import method with 2 parameters here.

I think it should be using the overload that includes an empty string for the password.

The DSC configuration that is used to reproduce the issue (as detailed as possible)

Configuration repro
{    
    Import-DscResource -ModuleName CertificateDsc -ModuleVersion '5.1.0'        

    $sslCertPfxBase64String = Get-AutomationVariable -Name 'ssl-cert'
    $ssl_thumb = Get-AutomationVariable -Name 'ssl-thumb'
    
    Node "localhost"
    {
        LocalConfigurationManager {
            DebugMode = 'ForceModuleImport'
        }
        pfxImport sslImport {
            Thumbprint           = "$ssl_thumb"
            FriendlyName         = "repro ( $( (Get-Date).ToString('yyyy-MM-dd') ) )"
            Content              = $sslCertPfxBase64String        
            Location             = "LocalMachine"
            Store                = "My"
            Credential           = $null
        }        
    }
}

The operating system the target node is running

OsName : Microsoft Windows Server 2019 Datacenter
OsOperatingSystemSKU : DatacenterServerEdition
OsArchitecture : 64-bit
WindowsVersion : 1809
WindowsBuildLabEx : 17763.1.amd64fre.rs5_release.180914-1434
OsLanguage : en-US
OsMuiLanguages : {en-US}

Version and build of PowerShell the target node is running

PSRemotingProtocolVersion 2.3
BuildVersion 10.0.17763.1852
PSVersion 5.1.17763.1852
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}
PSEdition Desktop
CLRVersion 4.0.30319.42000
WSManStackVersion 3.0
SerializationVersion 1.1.0.1

Version of the DSC module that was used ('dev' if using current dev branch)

5.1.0

[cmielke]

I updated a local copy of the module and confirmed that changing this

$cert.Import($importDataValue, $flags)

to this

$cert.Import($importDataValue, "", $flags)

fixed the issue and the certificate was successfully imported. I am going to submit an initial PR to illustrate the fix.