
    Sets CSR extension attributes for Puppet agent requests
    Sets CSR extension attributes for Puppet agent requests
    Set-CertificateRequestExtension @{pp_service = 'sqlserver'; pp_role = 'mysql'}
    This would set the pp_service and pp_role certificate extension attributes

function Set-CertificateExtensions
        # The extension attributes to be set
        [Parameter(Mandatory = $true, Position = 0)]
        $ppRegCertExtShortNames = @(
        $ppAuthCertExtShortNames = @(
        $ValidExtensionShortNames = $ppRegCertExtShortNames + $ppAuthCertExtShortNames
        $CSRYamlContent = "extension_requests:`n"
        # Make sure they are all valid
        $ExtensionAttributes.GetEnumerator() | ForEach-Object {
            if ($_.Key -notin $ValidExtensionShortNames)
                throw "Invalid extension short name: $($_.Key)"
            $CSRYamlContent += " $($_.Key): $($_.Value)`n"
        # Things are in different places depending on OS
        if ($IsLinux -or $IsMacOS)
            $CSRYamlPath = "/etc/puppetlabs/puppet/csr_attributes.yaml"
        if ($IsWindows)
            $CSRYamlPath = "C:\ProgramData\PuppetLabs\puppet\etc\csr_attributes.yaml"
        # Write the file, we set force so it always overwrites even if it already exists
        New-Item $CSRYamlPath -Force -ItemType File -Value $CSRYamlContent