Generate certificate thumbprint within config

This topic contains 6 replies, has 5 voices, and was last updated by Profile photo of Adam Adam 1 month, 1 week ago.

  • Author
  • #63259
    Profile photo of Sven van Rijen
    Sven van Rijen

    Hi there!

    Does anyone had an idea how to do this:

    I'm trying to build an on-premises HTTPS DSC Pull Server on a server which is managed by Azure DSC.
    Step-1: Within my config I'm able to generate an SSL certificate from the on-premises CA. But now I want to use this particular certificate for the SSL-binding of the Pull server.

    Step-2: Within the xDscWebService resource you have to supply an CertificateThumbPrint.
    How can I use retrieve and use the thumbprint of the certificate from Step-1 in the same config? Just $thumbprint = (Get-ChildItem CERT:\..etc) doesn't do the trick...


    Kind regards,

  • #63390
    Profile photo of David Jones
    David Jones

    It would take either a custom resource or a script resource that gets the cert thumbprint and does the steps that xDscWebService would handle.

  • #63523
    Profile photo of Missy Januszko
    Missy Januszko

    You could pass in thumbprint as a parameter with a param block.

    Then on the line where you compile the mof,
    Configname -path .\ -thumbprint (get-childitem Cert:\...etc)

  • #63525
    Profile photo of Missy Januszko
    Missy Januszko

    Oh wait, you say you're generating the certificate within the config?? Using a parameter probably isn't the answer in that case.

  • #63526
    Profile photo of Tim Haintz
    Tim Haintz

    Hi Sven, I have done this in my test environment using the below method.

    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2

    You can then use $cert.thumbprint to get the thumbprint.
    I used this article to help me:

    First post, hope the formatting works correctly.

    Thanks, Tim.

  • #63628
    Profile photo of Sven van Rijen
    Sven van Rijen

    Thank you all for your replies up till now!
    I'm going to check things out later this week and will keep you up to date!

    • #72583
      Profile photo of Adam

      Any update on this?

You must be logged in to reply to this topic.