From c99facb305ffe061f9075f622842539a39b9de5a Mon Sep 17 00:00:00 2001 From: Greg Brownstein Date: Fri, 6 Dec 2024 07:14:18 -0500 Subject: [PATCH] certificate validity default from template (#311) --- VenafiPS/Public/New-VcCertificate.ps1 | 54 +++++++++------------------ 1 file changed, 18 insertions(+), 36 deletions(-) diff --git a/VenafiPS/Public/New-VcCertificate.ps1 b/VenafiPS/Public/New-VcCertificate.ps1 index 60fe77dd..627434cc 100644 --- a/VenafiPS/Public/New-VcCertificate.ps1 +++ b/VenafiPS/Public/New-VcCertificate.ps1 @@ -48,7 +48,7 @@ function New-VcCertificate { .PARAMETER ValidUntil Date at which the certificate becomes invalid. - Days and hours are supported, not minutes. + The day and hour will be set and not to the minute level. .PARAMETER PassThru Return the certificate request. @@ -161,7 +161,7 @@ function New-VcCertificate { } } )] - [DateTime] $ValidUntil = (Get-Date).AddDays(90), + [DateTime] $ValidUntil, [Parameter()] [switch] $PassThru, 
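Review bot: The `.PARAMETER ValidUntil` help in the first hunk does not say what happens when the parameter is omitted. The second hunk removes the `(Get-Date).AddDays(90)` default, so callers who relied on it now get whatever validity the issuing template defines, which may be longer than 90 days. I would state that in the help, e.g. `If not provided, the default validity period of the issuing template is used.` The new sentence `The day and hour will be set and not to the minute level.` is also harder to read than the line it replaces; `Precision is days and hours; minutes are ignored.` says the same thing. Both hunks sit inside New-VcCertificate, whose body continues outside them.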
@@ -175,42 +175,24 @@ function New-VcCertificate { Test-VenafiSession -VenafiSession $VenafiSession -Platform 'VC' # validation - $allApps = Get-VcApplication -All - - $thisApp = $allApps | Where-Object { $_.Name -like $Application -or $_.applicationId -eq $Application } - switch (@($thisApp).Count) { - 0 { - throw ('Application not found. Valid applications are {0}.' -f ($allApps.name -join ', ')) - } - - 1 { - Write-Verbose ('Found application {0}, ID: {1}' -f $thisApp.name, $thisApp.applicationId) - $thisAppID = $thisApp.applicationId - } - - Default { - throw ('More than 1 application found that matches {0}: {1}' -f $Application, ($thisApp.name -join ', ')) - } + $thisApp = Get-VcApplication -Application $Application + if ( -not $thisApp ) { + throw "Application $Application does not exist" } - $thisTemplate = $thisApp.issuingTemplate | Where-Object { $_.Name -like $IssuingTemplate -or $_.issuingTemplateId -eq $IssuingTemplate } - switch (@($thisTemplate).Count) { - 0 { - throw ('Issuing template not found or not valid for this application. Valid templates are {0}.' -f ($thisApp.certificateIssuingTemplate.name -join ', ')) - } - - 1 { - Write-Verbose ('Found template {0}, ID: {1}' -f $thisTemplate.name, $thisTemplate.id) - $thisTemplateID = $thisTemplate.issuingTemplateId - } - - Default { - throw ('More than 1 issuing template found that matches {0}: {1}' -f $IssuingTemplate, ($thisTemplate.name -join ', ')) - } + $thisTemplate = Get-VcIssuingTemplate -IssuingTemplate $IssuingTemplate + if ( -not $thisTemplate ) { + throw "Issuing template $IssuingTemplate does not exist" } - $span = New-TimeSpan -Start (Get-Date) -End $ValidUntil - $validity = 'P{0}DT{1}H' -f $span.Days, $span.Hours + if ( $ValidUntil ) { + $span = New-TimeSpan -Start (Get-Date) -End $ValidUntil + $validity = 'P{0}DT{1}H' -f $span.Days, $span.Hours + } + else { + # end date not provided, use default from template + $validity = $thisTemplate.product.validityPeriod + } $params = @{ 
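Review bot: The lookup `Get-VcIssuingTemplate -IssuingTemplate $IssuingTemplate` no longer checks that the template is assigned to `$thisApp`; the removed code filtered `$thisApp.issuingTemplate` and failed with "not found or not valid for this application". The server presumably still rejects a mismatched pair, but the client now sends the request anyway and the caller gets no pointer to the valid templates. If the object returned by `Get-VcApplication -Application` still carries `issuingTemplate` (not visible here), a guard after the lookup keeps the check: `if ( $thisTemplate.issuingTemplateId -notin $thisApp.issuingTemplate.issuingTemplateId ) { throw "Issuing template $IssuingTemplate is not valid for application $Application" }`. Separately, `$thisTemplate.product.validityPeriod` in the `else` branch is used unchecked, so a template without that value would produce a request with an empty validity period.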
@@ -219,8 +201,8 @@ function New-VcCertificate {
 UriLeaf = 'certificaterequests'
 Body = @{
 isVaaSGenerated = $true
- applicationId = $thisAppID
- certificateIssuingTemplateId = $thisTemplateID
+ applicationId = $thisApp.applicationId
+ certificateIssuingTemplateId = $thisTemplate.issuingTemplateId
 validityPeriod = $validity
 }
 }
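Review bot: `applicationId = $thisApp.applicationId` and `certificateIssuingTemplateId = $thisTemplate.issuingTemplateId` assume each lookup returned exactly one object; the removed code threw on "More than 1 ... found", and nothing in this patch replaces that guard. Whether `Get-VcApplication -Application` or `Get-VcIssuingTemplate -IssuingTemplate` can return several matches is not visible here, but if they can, these member accesses enumerate into arrays and the request body carries a list of ids. A one-line check after each lookup, e.g. `if ( @($thisApp).Count -gt 1 ) { throw "More than 1 application matches $Application" }`, would keep the old behaviour. The enclosing `$params` hashtable starts outside this hunk.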