Get-AzClientCertificate.ps1
|
function Get-AzClientCertificate { <# .SYNOPSIS Returns the Azure Resource Manager client authentication certificate for the selected environment The response can list one or two certificates: if two are presented, both certificates should be trusted to permit the certificate rolling use case. The "certificate" field is a Base64 encoded cer file, if RP want to read and validate more fields. .PARAMETER Environment The Azure Cloud environment name to query .EXAMPLE Get-AzClientCertificate -Environment Public thumbprint notBefore notAfter certificate ---------- --------- -------- ----------- 6510AFE49C4FE1ADB0CCC0B65BAB07C298E6609A 2015-08-18T22:16:02Z 2017-08-17T22:16:02Z MIIGaTCCBFGgAwIBAgITWgABpmv9... Returns the available ARM client certificate(s) from the Public generic ARM endpoint .OUTPUTS Microsoft.Azure.AzureArmClientCertificate #> [CmdletBinding()] [OutputType('AzureArmClientCertificate')] param ( [parameter(Position = 0)] [ArgumentCompleter( { param ($commandName, $parameterName, $wordToComplete, $commandAst, $fakeBoundParameters) Get-AzEnvironment | Select-Object -ExpandProperty 'Name' })] [string]$Environment = 'AzureCloud' ) process { if (![string]::IsNullOrWhiteSpace($PSCmdlet.MyInvocation.BoundParameters.RegionalEndpoint)) { $re = "{0}." -f $PSCmdlet.MyInvocation.BoundParameters.RegionalEndpoint } $uri = $null $outObj = $null if ($IsCoreCLR) { [Microsoft.Powershell.Commands.BasicHtmlWebResponseObject]$response = $null } else { [Microsoft.PowerShell.Commands.HtmlWebResponseObject]$response = $null } switch ($Environment) { 'AzureCloud' { $uri = "https://management.azure.com:24582/metadata/authentication?api-version=2015-01-01" $response = Invoke-WebRequest -Uri $uri -UseDefaultCredentials $outObj = $response | Select-Object -ExpandProperty Content | ConvertFrom-Json | Select-Object -ExpandProperty 'clientCertificates' } 'AzureChinaCloud' { $uri = "https://management.chinacloudapi.cn:24582/metadata/authentication?api-version=2015-01-01" $response = Invoke-WebRequest -Uri $uri -UseDefaultCredentials $outObj = $response | Select-Object -ExpandProperty Content | ConvertFrom-Json | Select-Object -ExpandProperty 'clientCertificates' } 'AzureUSGovernment' { $uri = "https://management.usgovcloudapi.net:24582/metadata/authentication?api-version=2015-01-01" $response = Invoke-WebRequest -Uri $uri -UseDefaultCredentials -Method 'Get' $outObj = $response | Select-Object -ExpandProperty Content | ConvertFrom-Json | Select-Object -ExpandProperty 'clientCertificates' } 'AzureGermanCloud' { $uri = "https://management.microsoftazure.de:24582/metadata/authentication?api-version=2015-01-01" $response = Invoke-WebRequest -Uri $uri -UseDefaultCredentials $outObj = $response | Select-Object -ExpandProperty Content | ConvertFrom-Json | Select-Object -ExpandProperty 'clientCertificates' } Default { Write-Error -Message "Invalid envorinment: $Environment" } } if ($outObj) { foreach ($certificate in $outObj) { $certificate.PSObject.TypeNames.Insert(0, "AzureArmClientCertificate") $certificate } } } } |