Details of the scenario you tried and the problem that is occurring
Currently working on a scenario to create a certificate signed by our CA and bind it as a website binding to a website.
As long as I use a simple subject like the host name the binding goes correct. As soon as I enter a subject as it is required within our company it fails. I figured out where the problem occurs.
Example:
Subject:
CN=hostname.domain.net, [email protected], O=My Company., OU=IT, L=Place, S=State, C=Somewhere
I dug into it further and found where the mismatch happens. I encountered a similar issue with the certificate request itself.
See issue : dsccommunity/CertificateDsc#173
And PR: dsccommunity/CertificateDsc#174
The solution for this case was in short to split, trim and sort the subjects before they are compared.
When I make a request like the example above and check the subject after the certificate is created it comes back like:
[email protected], CN=hostname.domain.net, OU=IT, O=My Company, L=Place, S=State, C=Somewhere
Notice the order and the spaces after the commas.
So back to the Website binding issue:
Test-TargetResource
https://github.com/PowerShell/xWebAdministration/blob/85ff094ebbd9522ce5b6128ba645d164c1eb3704/DSCResources/MSFT_xWebsite/MSFT_xWebsite.psm1#L782
Goes to function Test-WebsiteBinding
https://github.com/PowerShell/xWebAdministration/blob/85ff094ebbd9522ce5b6128ba645d164c1eb3704/DSCResources/MSFT_xWebsite/MSFT_xWebsite.psm1#L1905
Goes to function ConvertTo-WebBinding
https://github.com/PowerShell/xWebAdministration/blob/85ff094ebbd9522ce5b6128ba645d164c1eb3704/DSCResources/MSFT_xWebsite/MSFT_xWebsite.psm1#L1248
Goes to function Find-Certificate
https://github.com/PowerShell/xWebAdministration/blob/85ff094ebbd9522ce5b6128ba645d164c1eb3704/DSCResources/Helper.psm1#L101
The subject is compared with a simple @('($_.Subject -eq $Subject)'); this fails when the order is not correct and the spaces are in the certificate.
https://github.com/PowerShell/xWebAdministration/blob/85ff094ebbd9522ce5b6128ba645d164c1eb3704/DSCResources/Helper.psm1#L166
I updated the subject's certfilter with something like:
$certFilters += @('(@(Compare-Object -ReferenceObject (($_.Subject -split ", ").trim()|sort-object) -DifferenceObject (($subject -split ",").trim()|sort-object)| Where-Object -Property SideIndicator -eq "=>").Count -eq 0)')
And tested it a few times and that seems to work.
I try to make a pull request to solve this (first timer)
Verbose logs showing the problem
Error:
Failed to execute Test-TargetResource functionality with error message: Desired website bindings are not valid for website "MyWebsite"
Suggested solution to the issue
I think about one of these solutions
https://github.com/PowerShell/xWebAdministration/blob/85ff094ebbd9522ce5b6128ba645d164c1eb3704/DSCResources/Helper.psm1#L166
$certFilters += @('(@(Compare-Object -ReferenceObject (($_.Subject -split ", ").trim()|sort-object) -DifferenceObject (($subject -split ",").trim()|sort-object)| Where-Object -Property SideIndicator -eq "=>").Count -eq 0)')
I tested the above and this works, also a split etc is done in other filters.
And maybe move it to the CertificateDSC.Common instead of inside the MSFT_CertReq/MSFT_CertReq.psm1
The DSC configuration that is used to reproduce the issue (as detailed as possible)
Windows 2012
# insert configuration here
The operating system the target node is running
Version and build of PowerShell the target node is running
Version of the DSC module that was used ('dev' if using current dev branch)
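An added example, not part of the original issue or of the xWebAdministration or CertificateDsc code: an order- and whitespace-insensitive subject comparison along the lines described above. It goes beyond the posted filter by keeping quoted values that contain commas intact and by requiring the same components on both sides; the function names and the sample subjects are assumptions constructed for illustration.

```powershell
# Added example; ConvertTo-SubjectPart and Test-SubjectMatch are hypothetical names.
function ConvertTo-SubjectPart
{
    param ([Parameter(Mandatory = $true)] [System.String] $Subject)

    # Split only on commas outside double quotes, so O="My Company, Inc." stays whole.
    $parts = $Subject -split ',(?=(?:[^"]*"[^"]*")*[^"]*$)'

    foreach ($part in $parts)
    {
        $part = $part.Trim()
        if ($part -eq '') { continue }

        # Normalise "key = value" to "KEY=value".
        $key, $value = $part -split '=', 2
        '{0}={1}' -f $key.Trim().ToUpperInvariant(), "$value".Trim()
    }
}

function Test-SubjectMatch
{
    param
    (
        [Parameter(Mandatory = $true)] [System.String] $CertificateSubject,
        [Parameter(Mandatory = $true)] [System.String] $DesiredSubject
    )

    $actual  = @(ConvertTo-SubjectPart -Subject $CertificateSubject | Sort-Object -Unique)
    $desired = @(ConvertTo-SubjectPart -Subject $DesiredSubject | Sort-Object -Unique)

    # Compare-Object rejects empty collections; an empty subject never matches.
    if ($actual.Count -eq 0 -or $desired.Count -eq 0) { return $false }

    # Require the same components on both sides. Filtering on "=>" alone would also
    # accept a certificate that carries components the desired subject does not list.
    return ($null -eq (Compare-Object -ReferenceObject $actual -DifferenceObject $desired))
}

# Constructed sample subjects (not taken from a real certificate).
$desired = 'CN=hostname.domain.net, O="My Company, Inc.", OU=IT, L=Place, C=Somewhere'
$stored  = 'CN=hostname.domain.net,OU=IT,O="My Company, Inc.",L=Place,C=Somewhere'
$extra   = $stored + ',OU=Other'

Test-SubjectMatch -CertificateSubject $stored -DesiredSubject $desired   # reordered, no spaces
Test-SubjectMatch -CertificateSubject $extra -DesiredSubject $desired    # extra component
```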