functions/certificates/Update-NavServerCertificate.ps1
|
function Update-NavServerCertificate { [CmdletBinding()] param ( [Parameter(Mandatory=$true)] [string]$ServerInstance, [Parameter(Mandatory=$true)] [string]$Thumbprint, [switch]$SkipRestart, [switch]$Force ) begin { $currentThumbprint = Get-NavServicesCertificateThumbprint -ServerInstance $ServerInstance if ($currentThumbprint) { $currentFriendlyName = Get-CertificateFriendlyName -Thumbprint $currentThumbprint } $newFriendlyName = Get-CertificateFriendlyName -Thumbprint $Thumbprint } process { if ($currentFriendlyName -ne $newFriendlyName) { if (-not $Force) { Write-Error "New certificate $($Thumbprint) FriendlyName '$($newFriendlyName)' does not match $($currentThumbprint) FriendlyName '$($currentFriendlyName)'! Use -Force to to skip this check." return $false } else { Write-Warning "Forcing update of server instance $($ServerInstance) to use $($Thumbprint) ($($newFriendlyName)). Replacing $($currentThumbprint) ($($currentFriendlyName))." } } if ($currentThumbprint -ne $Thumbprint) { Write-Verbose "Configure $($ServerInstance) to use $($Thumbprint) as ServicesCertificateThumbprint." Set-NAVServerConfiguration -ServerInstance $ServerInstance -KeyName ServicesCertificateThumbprint -KeyValue $Thumbprint -WarningAction SilentlyContinue if (-not $SkipRestart) { if ((Get-NAVServerInstance -ServerInstance $ServerInstance).State -eq 'Running') { Write-Verbose "Restart server instance $($ServerInstance)" Restart-NAVServerInstance -ServerInstance $ServerInstance | Out-Null } } return $true } else { Write-Verbose "Server $($ServerInstance) already using the certificate $($Thumbprint)." return $true } } end { } } |