Skip to content

Commit

Permalink
xWebSite: Taking the latest certificate when multiple has same subject (
Browse files Browse the repository at this point in the history
#561)

- xWebSite
  - Fixed HTTPS binding issue causing failure when CertificateSubject matches
    multiple certificates.
  • Loading branch information
vidarw authored and johlju committed Jan 10, 2020
1 parent 87ec40c commit 66f4d97
Show file tree
Hide file tree
Showing 3 changed files with 37 additions and 1 deletion.
3 changes: 3 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,9 @@ For older change log history see the [historic changelog](HISTORIC_CHANGELOG.md)

- xWebAdministration
- Update GitVersion.yml with the correct regular expression.
- xWebsite
- Fixed HTTPS binding issue causing failure when CertificateSubject matches
multiple certificates.

## [3.1.0] - 2019-12-30

Expand Down
2 changes: 1 addition & 1 deletion source/DSCResources/MSFT_xWebSite/MSFT_xWebSite.psm1
Original file line number Diff line number Diff line change
Expand Up @@ -1474,7 +1474,7 @@ function ConvertTo-WebBinding
if ($FindCertificateSplat)
{
$FindCertificateSplat.Add('Store',$CertificateStoreName)
$Certificate = Find-Certificate @FindCertificateSplat
$Certificate = Find-Certificate @FindCertificateSplat | Select-Object -First 1
if ($Certificate)
{
$certificateHash = $Certificate.Thumbprint
Expand Down
33 changes: 33 additions & 0 deletions tests/Unit/MSFT_xWebsite.Tests.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -2509,6 +2509,39 @@ try
}
}

Context 'Protocol is HTTPS and CertificateSubject is specified. Multiple matching certificates' {
$MockBindingInfo = @(
New-CimInstance -ClassName MSFT_xWebBindingInformation `
-Namespace root/microsoft/Windows/DesiredStateConfiguration `
-Property @{
Protocol = 'https'
CertificateSubject = 'TestCertificate'
} -ClientOnly
)

Mock Find-Certificate -MockWith {
return @(
[PSCustomObject]@{
Thumbprint = 'C65CE51E20C523DEDCE979B9922A0294602D9D5C'
},
[PSCustomObject]@{
Thumbprint = '28B88504F609F685B9A49C8F0EC49EDA1337CAFE'
}
)
}

It 'should not throw an error' {
{ ConvertTo-WebBinding -InputObject $MockBindingInfo } | Should Not Throw
}
It 'should return the correct thumbprint' {
$Result = ConvertTo-WebBinding -InputObject $MockBindingInfo
$Result.certificateHash | Should Be 'C65CE51E20C523DEDCE979B9922A0294602D9D5C'
}
It 'Should call Find-Certificate mock' {
Assert-MockCalled -CommandName Find-Certificate -Times 1
}
}

Context 'Protocol is HTTPS and invalid CertificateSubject is specified' {
$MockBindingInfo = @(
New-CimInstance -ClassName MSFT_xWebBindingInformation `
Expand Down

0 comments on commit 66f4d97

Please sign in to comment.