Generate certificate thumbprint within config

This topic contains 5 replies, has 4 voices, and was last updated by Profile photo of Sven van Rijen Sven van Rijen 3 months, 2 weeks ago.

  • Author
    Posts
  • #63259
    Profile photo of Sven van Rijen
    Sven van Rijen
    Participant

    Hi there!

    Does anyone had an idea how to do this:

    I'm trying to build an on-premises HTTPS DSC Pull Server on a server which is managed by Azure DSC.
    Step-1: Within my config I'm able to generate an SSL certificate from the on-premises CA. But now I want to use this particular certificate for the SSL-binding of the Pull server.

    Step-2: Within the xDscWebService resource you have to supply an CertificateThumbPrint.
    How can I use retrieve and use the thumbprint of the certificate from Step-1 in the same config? Just $thumbprint = (Get-ChildItem CERT:\..etc) doesn't do the trick...

    Anyone?

    Kind regards,
    Sven

  • #63390
    Profile photo of David Jones
    David Jones
    Participant

    It would take either a custom resource or a script resource that gets the cert thumbprint and does the steps that xDscWebService would handle.

  • #63523
    Profile photo of Missy Januszko
    Missy Januszko
    Participant

    You could pass in thumbprint as a parameter with a param block.

    Then on the line where you compile the mof,
    Configname -path .\ -thumbprint (get-childitem Cert:\...etc)

  • #63525
    Profile photo of Missy Januszko
    Missy Januszko
    Participant

    Oh wait, you say you're generating the certificate within the config?? Using a parameter probably isn't the answer in that case.

  • #63526
    Profile photo of Tim Haintz
    Tim Haintz
    Participant

    Hi Sven, I have done this in my test environment using the below method.

    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
    $cert.Import('c:\publicKeys\nameofcertfile.cer') 

    You can then use $cert.thumbprint to get the thumbprint.
    I used this article to help me: https://social.technet.microsoft.com/Forums/scriptcenter/en-US/969bfa58-a479-4b07-8c3b-4e57121351da/powershell-pulling-thumbprint-from-certificate-cer?forum=ITCG

    First post, hope the formatting works correctly.

    Thanks, Tim.

  • #63628
    Profile photo of Sven van Rijen
    Sven van Rijen
    Participant

    Thank you all for your replies up till now!
    I'm going to check things out later this week and will keep you up to date!

You must be logged in to reply to this topic.