#ab58570 Added additional error trapping and logging. Also modified t…
…he certutil logic to use -addstore when no password was provided when adding a certificate.
Bob Pokorny committed May 31, 2024
1 parent 6e74572 commit 5be3649
Showing 1 changed file with 27 additions and 12 deletions.
39 changes: 27 additions & 12 deletions IISU/ClientPSCertStoreManager.cs
Expand Up @@ -133,8 +133,17 @@ public JobResult ImportPFXFile(string filePath, string privateKeyPassword, strin
// If no private key password is provided, import the pfx file directory to the store using addstore argument
string script = @"
param($pfxFilePath, $storePath)
$output = certutil -addstore Cert:\LocalMachine\$storePath $pfxFilePath 2>&1
$c = $LASTEXITCODE
$output = certutil -addstore $storePath $pfxFilePath 2>&1
$exit_message = ""LASTEXITCODE:$($LASTEXITCODE)""
if ($output.GetType().Name -eq ""String"")
{
$output = @($output, $exit_message)
}
else
{
$output += $exit_message
}
$output
";

Expand All @@ -148,10 +157,9 @@ public JobResult ImportPFXFile(string filePath, string privateKeyPassword, strin

string script = @"
param($pfxFilePath, $privateKeyPassword)
$output = certutil -importpfx -p $privateKeyPassword $pfxFilePath 2>&1
$output = certutil -importpfx -p $privateKeyPassword $storePath $pfxFilePath 2>&1
$exit_message = ""LASTEXITCODE:$($LASTEXITCODE)""
$stuff = certutil -dump
if ($stuff.GetType().Name -eq ""String"")
{
$stuff = @($stuff, $exit_message)
Expand All @@ -160,7 +168,6 @@ public JobResult ImportPFXFile(string filePath, string privateKeyPassword, strin
{
$stuff += $exit_message
}
$output
$stuff
";
Expand All @@ -177,9 +184,20 @@ public JobResult ImportPFXFile(string filePath, string privateKeyPassword, strin
{
string script = @"
param($pfxFilePath, $cspName, $storePath)
$output = certutil -csp $cspName -addstore LocalMachine\$storePath $pfxFilePath 2>&1
$c = $LASTEXITCODE
$output = certutil -csp $cspName -addstore $storePath $pfxFilePath 2>&1
$exit_message = ""LASTEXITCODE:$($LASTEXITCODE)""
$stuff = certutil -dump
if ($stuff.GetType().Name -eq ""String"")
{
$stuff = @($stuff, $exit_message)
}
else
{
$stuff += $exit_message
}
$output
$stuff
";

ps.AddScript(script);
Expand All @@ -191,10 +209,10 @@ public JobResult ImportPFXFile(string filePath, string privateKeyPassword, strin
{
string script = @"
param($pfxFilePath, $privateKeyPassword, $cspName)
$output = certutil -importpfx -csp $cspName -p $privateKeyPassword LocalMachine\$storePath $pfxFilePath 2>&1
$output = certutil -importpfx -csp $cspName -p $privateKeyPassword $storePath $pfxFilePath 2>&1
$exit_message = ""LASTEXITCODE:$($LASTEXITCODE)""
$stuff = certutil -dump
$stuff = certutil -dump
if ($stuff.GetType().Name -eq ""String"")
{
$stuff = @($stuff, $exit_message)
Expand All @@ -203,7 +221,6 @@ public JobResult ImportPFXFile(string filePath, string privateKeyPassword, strin
{
$stuff += $exit_message
}
$output
$stuff
";
Expand All @@ -221,8 +238,6 @@ public JobResult ImportPFXFile(string filePath, string privateKeyPassword, strin
var results = ps.Invoke();

// Get the last exist code returned from the script
// This statement is in a try/catch block because PSVariable.GetValue() is not a valid method on a remote PS Session and throws an exception.
// Due to security reasons and Windows architecture, retreiving values from a remote system is not supported.
int lastExitCode = 0;
try
{
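Review bot: `$storePath` is used in the two password branches but is not declared in their `param(...)` lines as printed: `param($pfxFilePath, $privateKeyPassword)` precedes `certutil -importpfx -p $privateKeyPassword $storePath $pfxFilePath`, and `param($pfxFilePath, $privateKeyPassword, $cspName)` precedes the `-csp` variant. Unless the runspace defines that variable elsewhere (the parameter-binding code is outside the visible lines), it expands to nothing, so certutil would presumably import the PFX and its private key into its default store rather than the requested one. I would declare it in both, `param($pfxFilePath, $privateKeyPassword, $storePath)` and `param($pfxFilePath, $privateKeyPassword, $cspName, $storePath)`, and bind it from the C# side as is presumably done for the no-password branches, which do declare it. These two branches also pass the PFX password as a `-p` argument, so it is exposed to anything that records process command lines on the target host; a comment stating that would help whoever reviews logging there. ImportPFXFile starts and ends outside the hunks shown.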
