DSCResources/xIISCertSBinding/xIISCertSBinding.psm1

function Get-TargetResource
{
    <#
    .SYNOPSIS
        DSC Get entry point for the IIS certificate binding resource.

    .DESCRIPTION
        Returns a hashtable holding the Port, IP and CertThumbprint values that
        were passed in. The function does not read the certificate store or the
        IIS SSL bindings, so the result reflects the declared configuration and
        not the state actually present on the node.

    .PARAMETER Port
        TCP port of the binding.

    .PARAMETER IP
        IP address of the binding.

    .PARAMETER CertThumbprint
        Thumbprint of the certificate named in the configuration.

    .PARAMETER BindingUrl
        Accepted for signature parity with the other entry points; it is not
        used and is not part of the returned hashtable.

    .OUTPUTS
        System.Collections.Hashtable with the keys Port, IP and CertThumbprint.
    #>
    [CmdletBinding()]
    [OutputType([System.Collections.Hashtable])]
    param
    (
        [parameter(Mandatory = $true)]
        [System.UInt16]
        $Port,

        [parameter(Mandatory = $true)]
        [System.String]
        $IP,

        [parameter(Mandatory = $true)]
        [System.String]
        $CertThumbprint,

        [parameter(Mandatory = $true)]
        [System.String]
        $BindingUrl
    )

    # NOTE(review): this echoes the declared values only. Anyone auditing a node
    # through Get-DscConfiguration will see the requested thumbprint here even
    # when a different certificate (or none) is bound.
    $declared = @{}
    $declared['Port'] = $Port
    $declared['IP'] = $IP
    $declared['CertThumbprint'] = $CertThumbprint

    return $declared
}

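function Set-TargetResource
{
    <#
    .SYNOPSIS
        DSC Set entry point: binds the declared certificate to IP:Port in IIS.

    .DESCRIPTION
        Logs the declared values and delegates the binding work to SetBind.
        Anything SetBind writes to the output stream is discarded, because a
        DSC Set-TargetResource function is expected to return no value.

    .PARAMETER Port
        TCP port of the binding.

    .PARAMETER IP
        IP address of the binding.

    .PARAMETER CertThumbprint
        Thumbprint of the certificate to bind.

    .PARAMETER BindingUrl
        Passed through to SetBind unchanged.
    #>
    [CmdletBinding()]
    param
    (
        [parameter(Mandatory = $true)]
        [System.UInt16]
        $Port,

        [parameter(Mandatory = $true)]
        [System.String]
        $IP,

        [parameter(Mandatory = $true)]
        [System.String]
        $CertThumbprint,

        [parameter(Mandatory = $true)]
        [System.String]
        $BindingUrl
    )

    Write-Warning "启动配置进程"
    Write-Warning "配置声明为 $($IP) $($Port) $($CertThumbprint)"

    # If the resource ever needs a reboot, set $global:DSCMachineStatus = 1 here.

    # Keep the helper's pipeline output (binding path string and the created
    # item) out of this function's output stream; errors still propagate.
    $null = SetBind -Port $Port -IP $IP -CertThumbprint $CertThumbprint -BindingUrl $BindingUrl

    Write-Warning "退出配置进程"
}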
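function Test-TargetResource
{
    <#
    .SYNOPSIS
        DSC Test entry point: reports whether the declared certificate binding
        is already in place.

    .DESCRIPTION
        Returns $true only when TestCertExist reports the certificate as present
        AND TestBind reports a matching SSL binding. Any other combination
        returns $false so that Set-TargetResource is invoked.

    .PARAMETER Port
        TCP port of the binding.

    .PARAMETER IP
        IP address of the binding.

    .PARAMETER CertThumbprint
        Thumbprint of the certificate that must be present and bound.

    .PARAMETER BindingUrl
        Passed through to TestBind unchanged.

    .OUTPUTS
        System.Boolean
    #>
    [CmdletBinding()]
    [OutputType([System.Boolean])]
    param
    (
        [parameter(Mandatory = $true)]
        [System.UInt16]
        $Port,

        [parameter(Mandatory = $true)]
        [System.String]
        $IP,

        [parameter(Mandatory = $true)]
        [System.String]
        $CertThumbprint,

        [parameter(Mandatory = $true)]
        [System.String]
        $BindingUrl
    )

    Write-Warning "启动测试进程"
    Write-Warning "配置声明为 $($IP) $($Port) $($CertThumbprint)"

    # Run both probes unconditionally so each one logs its own finding.
    $certPresent = [bool](TestCertExist -CertThumbprint $CertThumbprint)
    $bindingPresent = [bool](TestBind -Port $Port -IP $IP -CertThumbprint $CertThumbprint -BindingUrl $BindingUrl)

    # Both conditions must hold. The earlier chained comparison
    # "(cert) -eq (binding) -eq $true" was also true when BOTH probes returned
    # $false, so a node with no certificate and no TLS binding was reported as
    # being in the desired state and never remediated.
    $result = $certPresent -and $bindingPresent

    $result
    Write-Warning "Test-TargetResource 返回结果: $($result)"
    Write-Warning "退出测试进程"
}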
function TestCertExist
{
    <#
    .SYNOPSIS
        Checks whether a certificate with the given thumbprint is in the
        LocalMachine\My store.

    .DESCRIPTION
        Enumerates Cert:\LocalMachine\My and stops at the first entry whose
        Thumbprint equals $CertThumbprint. Only presence is checked: validity
        period, private-key availability and intended usage are not inspected.

    .PARAMETER CertThumbprint
        Thumbprint to look for.

    .OUTPUTS
        $true when a matching certificate is found, otherwise $false.
    #>
    param
    (
        [parameter(Mandatory = $true)]
        [System.String]
        $CertThumbprint
    )

    Write-Warning "获取SSLFlage 0 证书存储区域"

    $found = $false
    foreach ($cert in (Get-ChildItem Cert:\LocalMachine\My))
    {
        # Skip entries that do not carry the requested thumbprint.
        if (-not ($cert.Thumbprint -eq $CertThumbprint))
        {
            continue
        }

        Write-Warning "$($CertThumbprint) 证书存在"
        $found = $true
        break
    }

    $found
}
function TestBind
{
    <#
    .SYNOPSIS
        Checks whether an IIS SSL binding for IP:Port already uses the given
        certificate thumbprint.

    .DESCRIPTION
        Enumerates IIS:\SslBindings and stops at the first entry whose
        IPAddress, port and Thumbprint all equal the supplied values.

    .PARAMETER Port
        TCP port the binding must use.

    .PARAMETER IP
        IP address the binding must use.

    .PARAMETER CertThumbprint
        Thumbprint the binding must reference.

    .PARAMETER BindingUrl
        Accepted but not used in the comparison, so host name is not checked.

    .OUTPUTS
        $true when a matching binding is found, otherwise $false.
    #>
    param
    (
        [parameter(Mandatory = $true)]
        [System.UInt16]
        $Port,

        [parameter(Mandatory = $true)]
        [System.String]
        $IP,

        [parameter(Mandatory = $true)]
        [System.String]
        $CertThumbprint,

        [parameter(Mandatory = $true)]
        [System.String]
        $BindingUrl
    )

    # Result is thrown away; presumably the call is here to make the IIS:
    # provider drive available before it is enumerated - confirm.
    $null = Get-Website

    Write-Warning "获取 $($CertThumbprint) 证书绑定"

    $matched = $false
    foreach ($binding in (Get-ChildItem IIS:\SslBindings))
    {
        $isMatch = ($binding.IPAddress -eq $IP) -and
                   ($binding.port -eq $Port) -and
                   ($binding.Thumbprint -eq $CertThumbprint)
        if (-not $isMatch)
        {
            continue
        }

        Write-Warning "$($CertThumbprint) 绑定存在"
        $matched = $true
        break
    }

    $matched
}
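function SetBind
{
    <#
    .SYNOPSIS
        Creates the IIS SSL binding for IP:Port with the given certificate
        thumbprint.

    .DESCRIPTION
        Builds the provider path "IIS:\SslBindings\<IP>!<Port>!" (the component
        after the second "!" is left empty), writes that path to the output
        stream, then calls New-Item on it with -Thumbprint and -Force. The
        output of New-Item is also left on the output stream.

    .PARAMETER Port
        TCP port of the binding.

    .PARAMETER IP
        IP address of the binding.

    .PARAMETER CertThumbprint
        Thumbprint of the certificate to bind.

    .PARAMETER BindingUrl
        Accepted but not used when building the binding path.

    .OUTPUTS
        The binding path string, followed by whatever New-Item returns.
    #>
    param
    (
        [parameter(Mandatory = $true)]
        [System.UInt16]
        $Port,

        [parameter(Mandatory = $true)]
        [System.String]
        $IP,

        [parameter(Mandatory = $true)]
        [System.String]
        $CertThumbprint,

        [parameter(Mandatory = $true)]
        [System.String]
        $BindingUrl
    )

    # The port field of this message used to print $IP a second time, which made
    # the log useless for confirming which endpoint was rebound.
    Write-Warning "开始对 $($CertThumbprint) 证书进行绑定 端口 $($Port) IP地址 $($IP) "

    $SSLstring = 'IIS:\SslBindings\{0}!{1}!' -f $IP, $Port
    $SSLstring

    # NOTE(review): -Force presumably replaces any binding already present at
    # this endpoint - confirm. Nothing in this function checks that the
    # thumbprint refers to a certificate that exists, is unexpired and has a
    # private key; that has to be established before this call.
    New-Item $SSLstring -Thumbprint $CertThumbprint -Force
}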
# Export only the DSC entry points (Get-/Set-/Test-TargetResource). The helper
# functions TestCertExist, TestBind and SetBind do not match the pattern and
# therefore stay private to the module.
Export-ModuleMember -Function '*-TargetResource'