dbatools

0.8.957

functions/Import-DbaCertificate.ps1

                                Function Import-DbaCertificate

{

<#

.SYNOPSIS

Imports certificates from .cer files using smo.

.DESCRIPTION

Imports certificates from.cer files using smo.

.PARAMETER SqlServer

The SQL Server to create the certificates on.

.PARAMETER Path

The Path the contains the certificate and private key files.

.PARAMETER SqlCredential

Allows you to login to servers using SQL Logins as opposed to Windows Auth/Integrated/Trusted. To use:

$scred = Get-Credential, this pass $scred object to the param. 

Windows Authentication will be used if DestinationSqlCredential is not specified. To connect as a different Windows user, run PowerShell as that user.    

.PARAMETER Certificates

Imports just the certificates specified.

.PARAMETER Password

Secure string used to decrypt the private key.

.PARAMETER WhatIf 

Shows what would happen if the command were to run. No actions are actually performed. 

.PARAMETER Confirm 

Prompts you for confirmation before executing any changing operations within the command. 

.NOTES

Original Author: Jess Pomfret (@jpomfret)

Tags: Migration, Certificate

Website: https://dbatools.io

Copyright: (C) Chrissy LeMaire, clemaire@gmail.com

License: GNU GPL v3 https://opensource.org/licenses/GPL-3.0

.EXAMPLE

Import-DbaCertificate -SqlServer Server1 -Path \\Server1\Certificates -password (ConvertTo-SecureString -force -AsPlainText GoodPass1234!!)

Imports all the certificates in the specified path.

.EXAMPLE

Import-DbaCertificate -SqlServer Server1 -Path \\Server1\Certificates -Certificates "CertTDE"

Prompts for password then imports certificate in the specified path named 'CertTDE'

#>

    [CmdletBinding(DefaultParameterSetName = "Default", SupportsShouldProcess = $true)]

    param (

        [Parameter(Mandatory = $true)]

        [ValidateNotNullOrEmpty()]

        [Alias("ServerInstance","SqlInstance")]

        [object]$SqlServer,

        [parameter(Mandatory = $true, ValueFromPipeline = $true)]

        [object[]]$Path,

        [System.Management.Automation.PSCredential]$SqlCredential,

        [Array]$Certificates,

        [Security.SecureString] $Password = (Read-Host "Password" -AsSecureString),

        [switch]$Silent    

    )

    BEGIN {

        $server = Connect-SqlServer $SqlServer $SqlCredential

    }

    PROCESS {

        if (!$path.StartsWith('\')) {

            Stop-Function -Message "Path should be a UNC share." -Continue

        }

        $Path = $Path.TrimEnd('\')

        if(!$Certificates) {

            $Certificates =  Get-ChildItem \\svtsqlrestore\BackupTest\cert *.cer | Select-Object -Expand Basename

        }

        foreach($Certificate in $Certificates) {

            if ($Pscmdlet.ShouldProcess("[$certificate]' on $SqlServer", "Importing Certificate")) {

                $Cert = New-Object -TypeName Microsoft.SqlServer.Management.Smo.Certificate

                $Cert.name = $Certificate

                $Cert.parent = $Server.Databases['Master']

                Write-Message -Level Verbose -Message ("Creating Certificate: {0}" -f $Certificate)

                try {

                    $Cert.Create("$Path\$Certificate.cer", 1, "$Path\$Certificate.pvk", [System.Runtime.InteropServices.marshal]::PtrToStringAuto([System.Runtime.InteropServices.marshal]::SecureStringToBSTR($password)))

                } catch {

                    Write-Message -Level Warning -Message $_ -ErrorRecord $_ -Target $instance

                }

            }

        }    

    }

    END {

        $server.ConnectionContext.Disconnect()

    }

}