This repository has been archived by the owner on May 15, 2018. It is now read-only.
Added ability to import certificates of other types than PKCS12/PFX #8
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Certificates can be exported in Windows using 4 different formats: PKCS12, PKCS7, DER encoded X509 and Base64 encoded X509. The Import-PfxCertificate only supports PKCS12/PFX, for all other types it is necessary to use the Import-Certificate method instead. I added an additional parameter to the CertificateStore specifying the format of the certificate, allowing the user to choose from PKCS12 (default), PKCS7 and X509 (both DER and Base64), and implemented a check to determine which method to use while importing.
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The Import-PfxCertificate only allows importing PKCS12-encoded certificates (often with its private key). Windows however allows certificates to be exported in several formats: PKCS12, PKCS7 and X509 (DER and Base64 encoded).
I have added an additional parameter
Formatto the resource to allow the user to specify which format the certificate is in, and some additional logic to use the Import-Certificate method for all formats except PKCS12. Available formats arePKCS12,PKCS7andX509. The resource will default to thePKCS12format for backwards compatibility.I first considered basing the logic solely on the file extension of the FilePath, but reconsidered since in my experience there are a lot of variations on certificate file extensions: .cer, .cert, .crt, .pfx, .p12.