500 internal server error on new-tppcapiapplication #132
Comments
|
i have also found that the first command above that executes without error also ignores the -winrmport switch. the app it creates is on 5986. |
|
ok so looping in issue#133, if i leave out the '-bindingport' switch for new-tppcapiapplication, i am able to create a device with an IIS site, and it does default to 443 (your https://venafitppps.readthedocs.io/ documentation says it defaults to 0). but the issue regarding the winRM port being 5896 even though i'm setting it to "-winrmport 5895" remains, which means i can't use the -provisioncertificate switch. looking at the individual new-tppcapiapplication.ps1 script, you create a parameter for $winrmport, but you never mention it again down in your "if psboundparameter containskey" section. |
|
Looks like there's a few things going on, thanks. With regards to the 500 error, I'm not sure what's going on yet. I've reached out to Venafi to see if they can clarify. I get the same error with I never implemented WinRmPort beyond the parameter and will get that fixed. With regards to the documentation, binding port is an integer and I haven't set a default for the parameter so it shows 0 in the doc as that's the default for an integer which hasn't been set. Providing no value will in fact use TPPs default which is 443. It's definitely misleading and I'll have to give some thought as to how to fix this which for now may just be via comment-based help. It looks as if there are a bunch of parameters I never documented for this function so I'll get that resolved. If you have suggestions for another solution, I'm all ears 😄 |
|
Thank you. I'm new to this , but would it make sense to have a way to push/provision the certificate for an app without renewing the certificate with invoke certrenewal? (the "push" button in the Gui). I realize I'm only in that situation currently because I can't set the winrm port and therefore can't use the -provisioncertificate switch in new-tppcertificate. But maybe there would be other use cases.
Also-is there a parameter for new-tppcertificate to set "disable automatic renewal" to true or false? I know It can be done with set-tppattribute post-creation, but it'd be cool to set it during certificate creation.
On Apr 7, 2021 11:07 PM, Greg Brownstein ***@***.***> wrote:
Looks like there's a few things going on, thanks.
With regards to the 500 error, I'm not sure what's going on yet. I've reached out to Venafi to see if they can clarify. I get the same error with New-TppCapiApplication when providing Binding Port, but works perfectly fine without it and when updating the same value via Set-TppAttribute.
I never implemented WinRmPort beyond the parameter and will get that fixed.
With regards to the documentation, binding port is an integer and I haven't set a default for the parameter so it shows 0 in the doc as that's the default for an integer which hasn't been set. Providing no value will in fact use TPPs default which is 443. It's definitely misleading and I'll have to give some thought as to how to fix this which for now may just be via comment-based help. It looks as if there are a bunch of parameters I never documented for this function so I'll get that resolved. If you have suggestions for another solution, I'm all ears 😄
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub<#132 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ABPKH4LIE3EJEDDLQA4L2ETTHUTWHANCNFSM42NYB3WA>.
|
|
Hey @Curtmcgirt. I put together a PR and linked to this issue. Could you give it a go and see if all your issues are fixed? I added As of now, there is no param for |
|
just to be clear, all i need to do to get the new version is run 'install-module' again? because after doing that, i now get the 500 error without the binding port. New-TppCapiApplication -ApplicationName $entry.fqdn -FriendlyName $entry.fqdn -Path $targetdevicepath -CertificatePath $targetcertpath -CredentialPath $winaccountpath -WinRmPort 5985 -WebSiteName $iissitename -BindingIpAddress $bindingIP -BindingHostName $entry.fqdn -ProvisionCertificate "500 Internal Server Error: {"Error":"Internal error occurred."}
|
|
You would need to pull down the branch and perform I've tested all the scenarios you provided and they are working now so if you aren't familiar with the above I can just publish and you can try again. |
|
lol. i did figure that out. i'm not a github guy. :) yes, new-tppcertificate works with winrmport now, which also makes |
|
also re: auto-renewal. i'm not the venafi admin, i'm just an end user. they have 'disable automatic renewal" set to yes by default for all new certificates, so i'm trying to set it to no. |
Environment
Steps to reproduce
i'm able to log in, read current objects, create devices, create certificates, and create a new-tppcapiaplication without IIS settings. but with IIS settings, i'm getting a 500 internal server error.
so this works:
New-TppCapiApplication -ApplicationName $applicationname -FriendlyName $applicationname -Path $targetdevicepath -CertificatePath $targetcertpath -CredentialPath $appaccountpath -WinRmPort 5985
but this gives a 500 failure error:
New-TppCapiApplication -ApplicationName $applicationname -FriendlyName $applicationname -Path $targetdevicepath -CertificatePath $targetcertpath -CredentialPath $appaccountpath -WinRmPort 5985 -WebSiteName $iissitename -BindingIpAddress $bindingIP -BindingPort 443 -BindingHostName $applicationname
i noticed the type of "bindingipaddress" is "ip address" and not "string," so i took that part completely out just to see what would happen, but same behavior. then i tried setting $bindingIP = [ipaddress]"10.10.10.10", and same behavior. also tried with and without -createbinding and -provisioncertificate.
Expected behavior
Actual behavior
"500 Internal Server Error: {"Error":"Internal error occurred."}
At C:\Program Files\WindowsPowerShell\Modules\VenafiTppPS\2.2.0\Public\Invoke-TppRestMethod.ps1:154 char:17
:String) [], RuntimeException
Screenshots
The text was updated successfully, but these errors were encountered: