Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Export-VenafiCertificate doesn't support IncludeChain with JKS format #24

Closed
harrisonmeister opened this issue Aug 19, 2021 · 0 comments · Fixed by #27
Closed

Export-VenafiCertificate doesn't support IncludeChain with JKS format #24

harrisonmeister opened this issue Aug 19, 2021 · 0 comments · Fixed by #27

Comments

@harrisonmeister
Copy link
Contributor

harrisonmeister commented Aug 19, 2021
edited
Loading

Summary

The Export-VenafiCertificate function doesn't support IncludeChain with the JKS format.

Environment

Windows

Operating System: 10.0.14393.0
VenafiTppPS version: 3.1.5
PowerShell version:  5.1.14393.3866 (Desktop)

Linux

Operating System: Linux 5.11.0-27-generic #29~20.04.1-Ubuntu SMP Wed Aug 11 15:58:17 UTC 2021
VenafiTppPS version: 3.1.5
PowerShell version:  7.1.4 (Core)

Steps to reproduce

On TPP (not VaaS), attempt to export a certificate with the following call:

$Certificate = Export-VenafiCertificate -Format "JKS" -CertificateId "Path\To\Your\Certificate" -FriendlyName "MyFriendlyName" -IncludeChain -KeystorePassword $SecureKeyPass

Expected behavior

The docs state for IncludeChain:

When the Format is Base64, Base64, PKCS #7, PKCS #12, or JKS, you can include the parent or root chain in the return data

I expect to receive a certificate response with the certificate in JKS format, including the complete certificate chain.

Actual behavior

An error is received:

Parameter set cannot be resolved using the specified named parameters. One or more parameters issued cannot be used together or an insufficient number of parameters were provided.

I think the cause is that the $IncludeChain property doesn't have the TppJks parameter set included here

I wonder if this might fix it:

[Parameter(ParameterSetName = 'Tpp')]
[Parameter(ParameterSetName = 'TppJks')]
[switch] $IncludeChain,

Screenshots

image
harrisonmeister added a commit to harrisonmeister/VenafiPS that referenced this issue Aug 19, 2021
@harrisonmeister
Add IncludeChain support for JKS in Export-VenafiCertificate. Fixes V…
c36afed 
…enafi#24
@harrisonmeister harrisonmeister mentioned this issue Aug 19, 2021
Merged
gdbarron pushed a commit that referenced this issue Sep 8, 2021
@harrisonmeister
Various fixes for Exporting a certificate (#27)
f766beb 
* Mask CertficateData property in Write-VerboseWithSecret. Resolves #25

* Add IncludeChain support for JKS in Export-VenafiCertificate. Fixes #24

* Add IncludePrivateKey support for JKS in Export-VenafiCertificate. Fixes #26

* Update Export-VenafiCertificate example to correct function name

* Updates to Export-VenafiCertificate based on review feedback
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Various fixes for Exporting a certificate harrisonmeister/VenafiPS
1 participant
@harrisonmeister