Is the Azure VM DSC Extension a Prerequisite for DSC Certificate Auto-Renew

Welcome Forums DSC (Desired State Configuration) Is the Azure VM DSC Extension a Prerequisite for DSC Certificate Auto-Renew

This topic contains 0 replies, has 1 voice, and was last updated by  Charlie 1 week, 2 days ago.

  • Author
    Posts
  • #175645

    Participant
    Topics: 9
    Replies: 1
    Points: 60
    Rank: Member

    Can someone please help me with the following question

    I read the following article, which said with Windows 2019 onwards, the DSC certificate (the one created when the node is on-boarded to Azure Automation DSC) used for secure comms with the Azure-hosted Pull Server, will be "Automatically Renwed"

    Desired State Configuration (DSC) Planning Update – September 2018

    Previously they were not automatically renewed and you had to re-onboard the node to create a new certificate.

    My question is as follows

    Does this new functionality only work with Azure VMs which have the 'virtual machine DSC extension' installed?

    For example what about on-premise physical servers which have been onboard to Azure Automation DSC via feeding their local configuration manager e.g.

    Get-AzureRmAutomationDscOnboardingMetaconfig @Params

    then

    Set-DscLocalConfigurationManager # on the local on-premise physical server

    Basically, these on-premise physical servers have no VM extensions as they are not VMs and not hosted in the cloud

    Therefore if the DSC automatic certificate renewal is achieved via the VM DSC Extension then logically it will not work for physical on-premise servers currently on-board to Azure Automation DSC

    Can someone please clarify, answer the above questions

    Thanks

    CXMelga

     

     

You must be logged in to reply to this topic.