Public/Import-VaasCertificate.ps1

function Import-VaasCertificate {
    <#
    .SYNOPSIS
    Import one or more certificates

    .DESCRIPTION
    Import one or more certificates.
    The blocklist will be overridden.

    .PARAMETER CertificatePath
    Path to a certificate file. Provide either this or CertificateData.

    .PARAMETER CertificateData
    Contents of a certificate to import. Provide either this or CertificatePath.

    .PARAMETER Application
    Application name (wildcards supported) or id to associate this certificate.

    .PARAMETER PassThru
    Return imported certificate details

    .PARAMETER VenafiSession
    Authentication for the function.
    The value defaults to the script session object $VenafiSession created by New-VenafiSession.
    A VaaS key can also provided.

    .EXAMPLE
    Import-VaasCertificate -CertificatePath c:\www.VenafiPS.com.cer

    Import a certificate

    .EXAMPLE
    Import-VaasCertificate -CertificatePath c:\www.VenafiPS.com.cer -Application MyApp

    Import a certificate and assign an application

    .EXAMPLE
    Import-VaasCertificate -CertificatePath (gci c:\certs).FullName

    Import multiple certificates

    .EXAMPLE
    Export-VenafiCertificate -CertificateId '\ved\policy\my.cert.com' -Format Base64 | Import-VaasCertificate -VenafiSession $vaas_key

    Export from TPP and import into VaaS.
    As $VenafiSession can only point to one platform at a time, in this case TPP, the session needs to be overridden for the import.

    .EXAMPLE
    Find-TppCertificate -Path '\ved\policy\certs' -Recursive | Export-VenafiCertificate -Format Base64 | Import-VaasCertificate -VenafiSession $vaas_key

    Bulk export from TPP and import into VaaS.
    As $VenafiSession can only point to one platform at a time, in this case TPP, the session needs to be overridden for the import.

    .INPUTS
    CertificatePath, CertificateData

    .OUTPUTS
    PSCustomObject, if PassThru provided

    .LINK
    https://api.venafi.cloud/webjars/swagger-ui/index.html?urls.primaryName=outagedetection-service#/Certificates/certificateimports_create
    #>


    [CmdletBinding(DefaultParameterSetName = 'ByFile')]

    param (

        [Parameter(Mandatory, ParameterSetName = 'ByFile', ValueFromPipelineByPropertyName)]
        [ValidateNotNullOrEmpty()]
        [ValidateScript( {
                if ( $_ | Test-Path ) {
                    $true
                } else {
                    throw "'$_' is not a valid path"
                }
            })]
        [Alias('FullName')]
        [String[]] $CertificatePath,

        [Parameter(Mandatory, ParameterSetName = 'ByData', ValueFromPipelineByPropertyName)]
        [ValidateNotNullOrEmpty()]
        [String[]] $CertificateData,

        [Parameter()]
        [String[]] $Application,

        [Parameter()]
        [switch] $PassThru,

        [Parameter()]
        [psobject] $VenafiSession = $script:VenafiSession
    )

    begin {

        Test-VenafiSession -VenafiSession $VenafiSession -Platform 'VaaS'

        $params = @{
            VenafiSession = $VenafiSession
            Method        = 'Post'
            UriRoot       = 'outagedetection/v1'
            UriLeaf       = 'certificates'
            Body          = @{
                'overrideBlocklist' = 'true'
            }
        }

        if ( $PSBoundParameters.ContainsKey('Application') ) {
            $allApps = Get-VaasApplication -All -VenafiSession $VenafiSession
            $appsForImport = foreach ($thisApplication in $Application) {
                $appFound = $allApps | Where-Object { $_.Name -like $Application -or $_.applicationId -eq $Application }
                switch (@($appFound).Count) {
                    0 {
                        throw ('Application not found. Valid applications are {0}.' -f ($allApps.name -join ', '))
                    }

                    1 {
                        Write-Verbose ('Found application {0}, ID: {1}' -f $appFound.name, $appFound.applicationId)
                        $appFound.applicationId
                    }

                    Default {
                        throw ('More than 1 application found that matches {0}: {1}' -f $Application, ($thisApp.name -join ', '))
                    }
                }
            }
        }

        $allCerts = [System.Collections.Generic.List[object]]::new()
    }

    process {

        if ( $PSCmdlet.ParameterSetName -like 'ByFile*' ) {
            foreach ($thisCertPath in $CertificatePath) {

                if ($PSVersionTable.PSVersion.Major -lt 6) {
                    $cert = Get-Content $thisCertPath -Encoding Byte
                } else {
                    $cert = Get-Content $thisCertPath -AsByteStream
                }

                $newCert = @{
                    'certificate' = [System.Convert]::ToBase64String($cert)
                }
                if ( $appsForImport ) {
                    $newCert.applicationIds = @($appsForImport)
                }
                $allCerts.Add($newCert)
            }
        } else {
            foreach ($thisCertData in $CertificateData) {
                $newCert = @{
                    'certificate' = $thisCertData -replace "`r|`n|-----BEGIN CERTIFICATE-----|-----END CERTIFICATE-----"
                }
                if ( $appsForImport ) {
                    $newCert.applicationIds = @($appsForImport)
                }
                $allCerts.Add($newCert)
            }
        }

    }

    end {
        $params.Body.certificates = $allCerts

        $response = Invoke-VenafiRestMethod @params

        Write-Verbose $response.statistics

        if ( $PassThru ) {
            $response.certificateInformations | Get-VenafiCertificate -VenafiSession $VenafiSession
        }
    }
}