Private/New-RabbitMqSslOption.ps1
|
Function New-RabbitMqSslOption { [cmdletbinding (DefaultParameterSetName = 'SslOption')] param( [Parameter (ParameterSetName = 'SslOption')] [Parameter (ParameterSetName = 'Certificate')] [System.Security.Authentication.SslProtocols]$Version = 'Tls12', [string]$ServerName, [Parameter (ParameterSetName = 'Certificate', Mandatory)] [string]$CertPath, [Parameter (ParameterSetName = 'Certificate', Mandatory)] [securestring]$CertPassphrase, [Parameter (ParameterSetName = 'SslOption')] [Parameter (ParameterSetName = 'Certificate')] [System.Net.Security.SslPolicyErrors]$AcceptablePolicyErrors, [Parameter (ParameterSetName = 'SslOption')] [Parameter (ParameterSetName = 'Certificate', Mandatory)] [RabbitMQ.Client.ConnectionFactory]$Factory ) $SslOption = New-Object -TypeName RabbitMQ.Client.SslOption -ArgumentList $ServerName $SslOption.Enabled = $True $SslOption.Version = $Version if($CertPath) { #Validate PFX/Pkcs12 file try { $certificateObject = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $certificateObject.Import($CertPath, $CertPassphrase, [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::DefaultKeySet) if (! $certificateObject.HasPrivateKey) { Write-Error "The provided PFX/PKCS12 certificate file does not contain a private key or the private key is invalid." -ErrorAction Stop } } catch { $PSCmdlet.ThrowTerminatingError($_) } $FactoryAuthMechanisms = [RabbitMQ.Client.ConnectionFactory].GetField("AuthMechanisms") [RabbitMQ.Client.ExternalMechanismFactory]$ExternalAuthObject = New-Object RabbitMQ.Client.ExternalMechanismFactory [RabbitMQ.Client.AuthMechanismFactory[]]$AuthMechanismArray = @($ExternalAuthObject) $FactoryAuthMechanisms.SetValue($Factory, $AuthMechanismArray) $SslOption.CertPath = $CertPath $SslOption.CertPassphrase = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($CertPassphrase)) } if($AcceptablePolicyErrors) { $SslOption.AcceptablePolicyErrors = $AcceptablePolicyErrors } ($SslOption | Out-String) | Write-Verbose #Add to factory, or return SslOption if($Factory) { $SslProp = [RabbitMQ.Client.ConnectionFactory].GetField("Ssl") $SslProp.SetValue($Factory, $SslOption) } else { $SslOption } } |