Certificate.psm1
|
<# .SYNOPSIS Verifies the certificate exists based on thumbprint .DESCRIPTION Verifies the certificate exists based on thumbprint .EXAMPLE Confirm-Certificate -Thumbprint 'a63352a23c87e3da908c3a744edfbc8710119d86' .PARAMETER Thumbprint Thumbprint of the certificate to check .PARAMETER Location Location to check for certificate, defaults to 'Cert:\LocalMachine\My' .PARAMETER Session Remote session to pass in if you want to check on a remote computer #> function Confirm-Certificate { [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSReviewUnusedParameter', '')] # Scriptanalyzer can't see $using: for remote commands [OutputType('System.Boolean')] [CmdletBinding()] param( [Parameter(Mandatory = $true)] [string]$Thumbprint, [Parameter(Mandatory = $false)] [string]$Location = 'Cert:\LocalMachine\My', [Parameter(Mandatory = $false)] $Session ) $certificate = $null if($Session){ # Run on remote session $certificate = Invoke-Command -Session $Session -ScriptBlock {@(Get-ChildItem -Path $using:Location | Where-Object {$_.Thumbprint -eq $using:Thumbprint})} }else{ $certificate = @(Get-ChildItem -Path $Location | Where-Object {$_.Thumbprint -eq $Thumbprint}) } if($certificate){ return $true }else{ return $false } } <# .SYNOPSIS Installs a PFX certificate on a remote server .DESCRIPTION Copies the certificate to the remote server, installs it and removes the copy .EXAMPLE $session = New-PSSession -HostName 'Server' $pfxPassword = Get-Credential -UserName 'Enter password below' -Message 'Enter certificate password' Install-PFXCertificateRemote -Session $session -LocalPath 'C:\Temp\cert.pfx' -Password $pfxPassword.Password .PARAMETER Session Remote session to install on .PARAMETER LocalPath PFX file location on your local machine to install .PARAMETER Password Secure string that contains the PFX password .PARAMETER RemoteFolder Where the certificate will be stored on the remote machine temporarily, defaults to C:\Temp .PARAMETER Location Location to install for certificate, defaults to 'Cert:\LocalMachine\My' #> function Install-PFXCertificateRemote { [Diagnostics.CodeAnalysis.SuppressMessageAttribute('PSReviewUnusedParameter', '')] # Scriptanalyzer can't see $using: for remote commands [CmdletBinding()] param( [Parameter(Mandatory = $true)] $Session, [Parameter(Mandatory = $true)] [string]$LocalPath, [Parameter(Mandatory = $true)] [securestring]$Password, [Parameter(Mandatory = $false)] [string]$RemoteFolder = 'C:\Temp', [Parameter(Mandatory = $false)] [string]$Location = 'Cert:\LocalMachine\My' ) # Validate local File Write-Progress 'Validating local certificate' if($LocalPath.Split('.')[-1].ToLower() -ne 'pfx'){ Throw 'The certificate must be a .pfx' } if((Test-Path -Path $LocalPath) -eq $false){ Throw "$LocalPath was not found" } # Check / Create Remote Folder if((Invoke-Command -Session $Session -ScriptBlock {Test-Path -Path $using:RemoteFolder}) -eq $false){ Invoke-Command -Session $Session -ScriptBlock {New-Item -Path $using:RemoteFolder -ItemType Directory} } # Copy Certificate $fileName = Split-Path -Path $LocalPath -Leaf Copy-Item $LocalPath -Destination "$RemoteFolder\$fileName" -ToSession $session # Install certificate Write-Progress 'Installing Certificate' $remotePath = "$RemoteFolder\$fileName" Invoke-Command -Session $Session -ScriptBlock {Import-PfxCertificate -FilePath $using:remotePath -CertStoreLocation $using:Location -Password $using:Password} # Remove Certificate Invoke-Command -Session $Session -ScriptBlock {Remove-Item -Path $using:remotePath} } |