Changed $ca parameter #43
Conversation
Changed $ca parameter from $ca = "'$CAServerFQDN\$CARootName' " to $ca = "$CAServerFQDN\$CARootName". Old parameter gave errors since '$CAServerFQDN (example: 'CA01.domain.com) could not be found when running the script.
|
Hi @svenvanrijen, I'm your friendly neighborhood Microsoft Pull Request Bot (You can call me MSBOT). Thanks for your contribution! TTYL, MSBOT; |
| @@ -128,7 +128,7 @@ function Get-TargetResource | |||
| ) | |||
|
|
|||
| # The certificate authority, accessible on the local area network | |||
| $ca = "'$CAServerFQDN\$CARootName'" | |||
| $ca = "$CAServerFQDN\$CARootName" | |||
There was a problem hiding this comment.
Change looks good. Please document your change on the README.md file https://github.com/PowerShell/xCertificate/blob/dev/ReadMe.md
There was a problem hiding this comment.
Just all changed lines as discussed under PR 43 and issue 42. Also documented the changes in README.md file as requested.
BerheAbrha
added
the
waiting for author response
|
Hi @svenvanrijen - this change will actually cause problems if the $CARootName contains spaces (which is an acceptable CA Root Name name format). Could I request that rather than just remove the quotes, could you put a check in to ensure that the $CARootName contains no spaces? If there are no spaces then removing the quotes is OK, if not, they need to be left in. It might also be worth moving the Does that make sense? And good job BTW! 😁 |
|
Hi @PlagueHO . Thank you for your feedback. Gonna work on that later this week and will keep u posted. Regards, |
|
Thanks @svenvanrijen - thanks for doing this for the community! |
This reverts commit 998e100.
|
Hi @PlagueHO, I've been checking on your comments, but it seems like I don't fully get it. I'll try to show you what I mean with 3 examples: the variables are: Example 1: the original config Output: Example 2: my suggested change Output: Example 3: no quotes at all Output (=Error message): So, my point is: removing just the single quotes from the original config is valid as it does not negatively influence the output of the code when spaces are used. Can you agree on this? Kind regards, |
This reverts commit a3dddd3.
|
Hi @svenvanrijen - what I meant was to do something like this: if ($CARootName.Contains(' '))
{
$ca = "'$CAServerFQDN\$CARootName'"
}
else
{
$ca = "$CAServerFQDN\$CARootName"
}Where I work we have CA's with the following naming styles: The top style CA should be fine without single quotes. The bottom style I think will have problems without single quotes around it. I meant to do some more investigation on my systems to confirm this but I ran out of time today. What I want to ensure is that any fix works for all naming conventions. |
|
Hi @PlagueHO, I do understand that, I have the same intentions. I also understood the if/then statement intention, but I think/thought that might not be necessary. But please test this on your systems, and if indeed necessary, I'll be happy to add the if/then statement to the code. Kind regards, |
|
Hi @svenvanrijen - I'll do a couple of quick tests at the office next week and see if the single quotes are required on all CA's. Thanks for your help and patience! |
|
Hi @svenvanrijen - Ok, I have made some progress looking into this. You can go ahead and keep the change to remove the single quotes completely from line: $ca = "'$CAServerFQDN\$CARootName'"There is no need for the check if spaces exist. However, you will need to change this line: https://github.com/PowerShell/xCertificate/blob/dev/DSCResources/MSFT_xCertReq/MSFT_xCertReq.psm1#L407 To: $arguments = "-Command ""& $ENV:SystemRoot\system32\certreq.exe" + `
" @('-submit','-q','-config','$ca','$reqPath','$cerPath')" + `
" | Set-Content -Path '$certReqOutPath'"""This should allow the resource to work when Credentials are provided and when they are not. The Credential parameter is required when the CA server does not allow "Everyone" to issue certificates (e.g. you need to request the cert using a specific account). Does this make sense? |
|
Hi @PlagueHO, No problem, going to work on that. Regards, |
|
Hi @svenvanrijen - just add the details of the change to the ## Unreleased section in the Readme.md. I've managed to identify the problem when using the Change it from: $null = Wait-Win32ProcessEnd `
-Path $command `
-Arguments $arguments `
-Credential $CredentialTo: $null = Wait-Win32ProcessStop `
-Path $command `
-Arguments $arguments `
-Credential $CredentialE.g. we're changing the function from One final change (just so the manual integration tests work): Exportable = $($Exportable.ToString().ToUpper())Change to: Exportable = $ExportableAppreciate your help on this! |
Changed all lines as discussed under PR 43 and issue 42
|
Just all changed lines as discussed under PR 43 and issue 42. |
|
Seems there are still some problems with the CI tests. Looking into that later. |
|
@svenvanrijen - the test failures aren't caused by something you've done. We've changed the common DSCResource test frameworks to behave differently which requires some changes to this repo. I've included these changes in my PR #48 Once my PR is merged, your PR will pass and can be merged. |
|
@PlagueHO - Good to know! Thank you for your reply! |
PlagueHO
added
in progress
|
Hi @svenvanrijen - my PR has gone through now, so your one should begin passing tests. So if you can fix the merge conflicts by rebasing then I should be able to review and merge it. Thanks again for contributing this! |
This reverts commit 3494dfa.
# Conflicts: # DSCResources/MSFT_xCertReq/MSFT_xCertReq.psm1 # ReadMe.md
|
Hi @PlagueHO, just merged the repo again, but still one check fails. Not sure it's in the module or the test itself. Can you have another look at it or can I help out on this? Regards, |
|
Hi @svenvanrijen - I think the problem is that my changes from my PR haven't made it into your branch (your PR is undoing a few of my changes). If you have a look at the "Files Changed" you can see a bunch of changes that you didn't actually make 😁 It does look like you've merged my changes though... but perhaps try again? |
|
I'll try again, thnx. I'm quite a newbie on this. I'm sorry.... |
|
@PlagueHO I'm affraid I'm not sure how to fix this :( My thoughts are close this PR, re-fork the original repo and re-apply my changes... |
ProcessStop instead of ProcessEnd line 560
|
@PlagueHO Context autorenew is false, credentials passed
[+] should not throw 352ms
[-] should call expected mocks 96ms
You did not declare a mock of the Wait-Win32ProcessStop Command in module MSFT_xCertReq.
at line: 636 in C:\Program Files\WindowsPowerShell\Modules\Pester\4.0.2\Functions\Mock.ps1I'm affraid I cannot fix this, can I? Regards, |
|
Hi @svenvanrijen - I think there is still a number of changes that are being reverted by your PR. If you have a look at the "Files Changed" Tab above you should be able to identify the changes you've made as opposed to the files that are reverted and then bring those changes back. As for the test failure, I can give you advise on fixing that once the above changes are reverted. |
This reverts commit 998e100.
|
Still problems resolving various merge issues. Closing this PR and opening a new one. |
PlagueHO
removed
the
in progress
Changed $ca parameter from $ca = "'$CAServerFQDN$CARootName' " to $ca
= "$CAServerFQDN$CARootName". Old parameter gave errors since
'$CAServerFQDN (example: 'CA01.domain.com) could not be found when
running the script.
This change is