Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

windows_certificates does nothing within Kitchen #565

Closed
DanSibbernsen opened this issue Jun 19, 2018 · 2 comments
Closed

windows_certificates does nothing within Kitchen #565

DanSibbernsen opened this issue Jun 19, 2018 · 2 comments

Comments

@DanSibbernsen
Copy link

DanSibbernsen commented Jun 19, 2018
edited
Loading

Cookbook versions

4.3.2, 3.1.0

Chef-client version

14.2.0, 12.19.36

Platform Details

Windows 10 (latest patches)
Windows Server 2016 (latest patches)
Created from Packer via JacqInTheBox

Scenario:

I run Kitchen converge with the following recipe:

windows_certificate "#{node['Certificates']['location']}/certificate.pfx" do
  pfx_password '*****'
  store_name node['Certificates']['TrustedFolder']
  action :create
end

.kitchen.yml from my windows cookbook:

driver:
  name: vagrant
  customize:
    cpus: 2
    memory: 4096

transport:
  name: winrm
  elevated: true

provisioner:
  name: chef_zero
  deprecations_as_errors: true

verifier:
  name: inspec

platforms:
  - name: windows_10
    driver:
       box: windows_10
       provider: parallels
  - name: windows_server_2016
    driver:
       box: windows_server_2016
       provider: parallels

Notably: if I pass in the wrong password, the recipe fails to converge. But if the password is correct, the recipe appears to succeed but no certificate is pushed into the TRUSTEDFOLDER.

Steps to Reproduce:

kitchen create; kitchen converge;

The issue started sometime between Summer of 2017 and Spring of 2018. I've got several working cases on outside environments, but Kitchen can't install my certificates or the certificates located in the Windows cookbook source. Nothing appears in the mmc.exe when I load up the Certificates snap-in (this is true for both "My user account" and "Computer account").

The next level of debugging would be into the ruby gem of win32-certstore, but I'm not sure how I would go about doing that via Kitchen.

Expected Result:

I expect the certificate to be installed and configured correctly.

Actual Result:

No certificate is created.
@piyushawasthi piyushawasthi mentioned this issue Jul 9, 2018
Merged
@piyushawasthi
Copy link
Contributor

piyushawasthi commented Jul 9, 2018
edited
Loading

@DanSibbernsen This is occurred due to we have validation for certificate-store. Now we update the code in PR: chef/win32-certstore#36. Now if you open any store that not exist and want to add new certificate in that then our code will create new store for you and add new certificate in that.
trustedfolder-cert

@tas50
Copy link
Contributor

tas50 commented Jul 18, 2018

This should be resolved in the latest version of the cookbook which uses and updated version of our win32-certstore gem. If you're still having this issue after updating the cookbook then please open this back up so we can dig in.

@tas50 tas50 closed this as completed Jul 18, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@DanSibbernsen @tas50 @piyushawasthi