D365FOLBDAdmin

3.0.8.0

functions/Import-D365LBDDBCertificate.ps1

                                function Import-D365LBDDBCertificate {

    <# 

   .SYNOPSIS

  Imports PFX File into all Application Servers Trusted Root

  .DESCRIPTION

 Imports PFX File into all Application Servers Trusted Root. Created to import database certificates

  .EXAMPLE

   Import-D365Certificates -pfxLocation "C:\Certs\FakeThumbprint.pfx" -CertPassword 'StrongFakePass123' -Config $Config

  .EXAMPLE

   $Certs = New-D365MSSQLSelfCert -config $Config -CertPass 'StrongFakePass123'

   foreach ($cert in $Certs){

    Import-D365Certificates -pfxLocation $cert.FullName -CertPassword 'StrongFakePass123' -Config $Config -DeletePFXAfter

   }

  #>

    [alias("Import-D365DBCertificate")]

    [CmdletBinding()]

    param

    (

        [Parameter(Mandatory = $true)]

        [string]$PFXLocation,

        [Parameter(Mandatory = $true)]

        [string]$CertPassword,

        [Parameter(ValueFromPipeline = $True)]

        [psobject]$Config,

        [switch]$DeletePFXAfter

    )

    BEGIN {

    }

    PROCESS {

        if (!$Config -or $Config.OrchestratorServerNames.Count -eq 0) {

            Write-PSFMessage -Level VeryVerbose -Message "Config not defined or Config is invalid. Trying to Get new config using $ComputerName"

            $Config = Get-D365LBDConfig -ComputerName $ComputerName -HighLevelOnly

        }

        $CertFile = Get-ChildItem $PFXLocation

        foreach ($Server in $Config.AllAppServerList | Select ComputerName) {

            $ServerName = $Server.ComputerName

            Write-PSFMessage -Level Verbose -Message "Trying to import into $ServerName"

            if (!(test-path -PathType Container "\\$ServerName\c$\certs")) {

                mkdir "\\$ServerName\c$\certs"

            }

            Copy-Item $PFXLocation -Destination \\$ServerName\c$\certs\$($CertFile.Name)

            Invoke-Command -ScriptBlock {

                $LocalFile = Get-ChildItem "C:\Certs\$($using:CertFile.Name)"

                $CertSecurePass = ConvertTo-SecureString -String $using:CertPassword -AsPlainText -Force

                try {

                    Import-PfxCertificate -FilePath $LocalFile.FullName -Password $CertSecurePass -CertStoreLocation Cert:\LocalMachine\Root

                    Write-Verbose "Imported Certificate into $env:ComputerName" -Verbose

                }

                catch {

                    Write-Warning -Message "Could not import into $env:ComputerName"

                    Write-Warning -Message "$_"

                }

                finally {

                    if ($using:DeletePFXAfter) {

                        Get-ChildItem $LocalFile.FullName | Remove-Item -Force

                    }

                }

            } -ComputerName $ServerName

        }

    }

    END {

    }

}