public/Get-PulpCertificate.ps1
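# Get-PulpCertificate returns a client certificate for the Pulp server from
# the CurrentUser\My store. When no unexpired certificate with the expected
# friendly name is stored, or -Force is given, it logs in to the Pulp API,
# stores the certificate from the response and then looks it up again.
#
# Security notes:
#   * The login request carries the username and password in an HTTP Basic
#     Authorization header. Basic is only base64 encoding, so the password
#     is protected in transit only when -Protocol is https.
#   * The decoded private key is attached to the certificate before it is
#     added to the current user's personal store. Whether the key is
#     persisted depends on PowershellPulp.Crypto, which is not shown here.

# .ExternalHelp powershell-pulp-help.xml
Function Get-PulpCertificate{
    [Cmdletbinding()]
    Param(
        [Parameter(Mandatory=$false)]
        [string]$Server = (Get-PulpLocalConfig -Server).Server,

        [Parameter(Mandatory=$false)]
        [int]$Port = (Get-PulpLocalConfig -Port).Port,

        [Parameter(Mandatory=$false)]
        [string]$Protocol = (Get-PulpLocalConfig -Protocol).Protocol,

        [Parameter(Mandatory=$false)]
        [string]$Username = (Get-PulpLocalConfig -Username).Username,

        [Parameter(Mandatory=$false)]
        [switch]$Force
    )

    $uri = "${Protocol}://${Server}:${Port}/pulp/api/v2/actions/login/"
    $certFriendlyName = "Pulp on $server"
    $certStorePath = "Cert:\CurrentUser\My"

    # Unexpired certificates for this server, newest expiry first.
    $storedCertificates = (Get-ChildItem $certStorePath |
        Where-Object {$_.FriendlyName -eq $certFriendlyName} |
        Where-Object {$_.NotAfter -gt (Get-Date)} |
        Sort-Object NotAfter -Descending)

    if (($storedCertificates.Count -gt 0) -and (!$Force)) {
        return $storedCertificates[0]
    } else {
        # NOTE(review): $config is never read below; the call is kept in case
        # Get-PulpLocalConfig has side effects -- confirm and remove.
        $config = Get-PulpLocalConfig

        if ($Protocol -ne 'https') {
            Write-Warning ("Pulp login uses HTTP Basic authentication; with " +
                "protocol '$Protocol' the password is not protected in transit.")
        }

        # NOTE(review): $authResponse and $Password are neither parameters nor
        # initialised here, so a value visible from a caller's scope is used
        # as-is (this includes the recursive call below) -- confirm intended.
        while (!$authResponse){
            if (!$Password){
                $credential = Get-Credential -user $Username -Message `
                    "Enter Pulp username and password to obtain certificate"
                if (-not $credential) {
                    # A dismissed prompt would otherwise re-prompt forever.
                    throw "No credentials were supplied; cannot obtain a Pulp certificate."
                }
                $Password = $credential.GetNetworkCredential().password
                $Username = $credential.UserName
            }
            $base64Cred = [System.Convert]::ToBase64String(
                [Text.Encoding]::ASCII.GetBytes(("{0}:{1}" -f $Username,$Password)))
            try {
                $authResponse = Invoke-RestMethod -Uri $uri -Method Post `
                    -Headers @{Authorization=("Basic {0}" -f $base64Cred)} `
                    -ErrorAction Continue
            } catch {
                # Report the reason (bad password, TLS failure, unreachable
                # host) instead of silently prompting again. The message
                # contains the URI only, never the credentials.
                Write-Warning ("Login request to {0} failed: {1}" -f `
                    $uri, $_.Exception.Message)
                $Password = $null
            }
        }

        # The fixed offsets appear to strip the PEM BEGIN/END lines around the
        # base64 payload; they assume exactly that framing in the response.
        $certBytes = [System.Convert]::FromBase64String(
            $authResponse.certificate.Substring(
                28, $authResponse.certificate.Length - 55))
        $keyBytes = [System.Convert]::FromBase64String(
            $authResponse.key.Substring(32, $authResponse.key.Length-63))
        $decodedKey = [PowershellPulp.Crypto]::DecodeRsaPrivateKey($keyBytes)

        $certificate = New-Object `
            System.Security.Cryptography.X509Certificates.X509Certificate2(
                $certBytes,'')
        $certificate.FriendlyName = $certFriendlyName
        $certificate.PrivateKey = $decodedKey

        $certStore = Get-Item $certStorePath
        $certStore.Open('ReadWrite')
        try {
            $certStore.Add($certificate)
        } finally {
            # Release the store handle even when Add() throws.
            $certStore.Close()
        }

        # Recursion! -Force is not passed on, so the certificate stored above
        # is returned by the lookup at the top of the function.
        return (Get-PulpCertificate -Server $Server -Port $Port `
            -Protocol $Protocol -Username $Username)
    }
}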