Public/Update-AnyStackEsxCertificate.ps1
|
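function Update-AnyStackEsxCertificate {
    <#
    .SYNOPSIS
        Updates an ESXi host certificate (currently only refreshes CA certificates and CRLs).
    .DESCRIPTION
        Resolves the named ESXi host through the vCenter connection and calls
        CertMgrRefreshCACertificatesAndCRLs on the vCenter CertificateManager for it.

        The files named by -CertificatePath and -KeyPath are NOT read or installed by
        this implementation; the host keeps its existing machine certificate. The
        OldThumbprint and NewThumbprint output fields are placeholder strings, not
        values read from the host. Do not treat the returned object as evidence of a
        certificate rotation; verify the host certificate independently.
    .PARAMETER Server
        vCenter Server hostname or VIServer object. Uses active connection if omitted.
    .PARAMETER HostName
        Name of the ESXi host.
    .PARAMETER CertificatePath
        Path to the new PEM certificate. Accepted but not yet used.
    .PARAMETER KeyPath
        Path to the PEM key. Accepted but not yet used.
    .EXAMPLE
        PS> Update-AnyStackEsxCertificate -HostName 'esx01' -CertificatePath 'cert.pem' -KeyPath 'key.pem'
    .OUTPUTS
        PSCustomObject
    .NOTES
        Author: The AnyStack Architect
        Requires: VMware.PowerCLI 13.0+, vSphere 8.0 U3+
    #>
    [CmdletBinding(SupportsShouldProcess=$true)]
    [OutputType([PSCustomObject])]
    param(
        [Parameter(Mandatory=$false, ValueFromPipeline=$true)]
        [ValidateNotNull()]
        $Server,

        [Parameter(Mandatory=$true)]
        [string]$HostName,

        [Parameter(Mandatory=$true)]
        [string]$CertificatePath,

        [Parameter(Mandatory=$true)]
        [string]$KeyPath
    )

    begin {
        $vi = Get-AnyStackConnection -Server $Server
        $ErrorActionPreference = 'Stop'
    }

    process {
        try {
            if ($PSCmdlet.ShouldProcess($HostName, "Update ESX Certificate")) {
                Write-Verbose "[$($MyInvocation.MyCommand.Name)] Updating certificate on $HostName via $($vi.Name)"

                # The certificate/key install step is not implemented. Say so on the
                # warning stream so an operator does not assume the host certificate
                # was replaced.
                Write-Warning "[$($MyInvocation.MyCommand.Name)] The certificate and key files are not installed on $HostName; only CA certificates and CRLs are refreshed."

                $certMgr = Invoke-AnyStackWithRetry -ScriptBlock {
                    Get-View -Server $vi -Id $vi.ExtensionData.Content.CertificateManager
                }

                # Resolve the target host. Get-View filters are regular expressions, so
                # the name is escaped and anchored to require an exact match.
                $hostFilter = @{ Name = '^{0}$' -f [regex]::Escape($HostName) }
                $hostView = @(Invoke-AnyStackWithRetry -ScriptBlock {
                    Get-View -Server $vi -ViewType HostSystem -Filter $hostFilter -Property Name
                })
                if ($hostView.Count -ne 1) {
                    throw "Expected exactly one ESXi host named '$HostName' on $($vi.Name), found $($hostView.Count)."
                }
                $hostRefs = @($hostView[0].MoRef)

                # The API takes the managed object references of the hosts to refresh.
                # The previous literal argument (1) never identified $HostName.
                Invoke-AnyStackWithRetry -ScriptBlock {
                    $certMgr.CertMgrRefreshCACertificatesAndCRLs($hostRefs)
                }

                # NOTE(review): the thumbprint values are placeholders. Nothing here
                # reads the host certificate before or after the call.
                [PSCustomObject]@{
                    PSTypeName    = 'AnyStack.CertificateUpdate'
                    Timestamp     = (Get-Date)
                    Server        = $vi.Name
                    Host          = $HostName
                    OldThumbprint = 'UNKNOWN'
                    NewThumbprint = 'UPDATED'
                    Success       = $true
                }
            }
        }
        catch {
            # ErrorRecord's four-argument constructor takes an Exception, so pass the
            # caught record's Exception rather than the record itself. Otherwise the
            # original failure is masked by a constructor error.
            $PSCmdlet.ThrowTerminatingError(
                [System.Management.Automation.ErrorRecord]::new(
                    $_.Exception,
                    'UnexpectedError',
                    [System.Management.Automation.ErrorCategory]::NotSpecified,
                    $null
                )
            )
        }
    }
}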