From 2d404b08fc6574a55510459f90cc661af666f21d Mon Sep 17 00:00:00 2001
From: Michael Craig <mcraig@expedia.com>
Date: Mon, 20 Oct 2014 15:11:10 -0700
Subject: [PATCH] Add Password paramater, and change Test-TargetResource to
 match the Subject name, instead of looking for equal to

---
 .../StackExchange_CertificateStore.psm1       |  61 +++++++++++++-----
 .../StackExchange_CertificateStore.schema.mof | Bin 376 -> 806 bytes
 2 files changed, 44 insertions(+), 17 deletions(-)

diff --git a/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.psm1 b/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.psm1
index 4f063fd..18cc72f 100644
--- a/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.psm1
+++ b/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.psm1
@@ -70,21 +70,45 @@ function Set-TargetResource
         [parameter()]
         [ValidateSet('Present','Absent')]
         [string]
-        $Ensure = 'Present'
+        $Ensure = 'Present',
+        [parameter()]
+        [string]
+		$Password
     )
 
     $CertificateBaseLocation = "cert:\$Location\$Store"
     
     if ($Ensure -like 'Present')
-    {        
-        Write-Verbose "Adding $path to $CertificateBaseLocation."
-        Import-PfxCertificate -CertStoreLocation $CertificateBaseLocation -FilePath $Path 
+    {   
+		write-verbose "Is Password Null:  $($password -eq $null)"
+		
+		if ($password -ne $null){
+			write-verbose "Import PFX Cert using password"
+			if ((Get-WmiObject Win32_OperatingSystem  | select -ExpandProperty Version) -eq "6.3.9600"){
+				write-verbose "Windows 2012 detected"
+				$SPassword = ($Password | ConvertTo-SecureString -AsPlainText -Force)
+				Import-PfxCertificate -CertStoreLocation $CertificateBaseLocation -FilePath $Path -Password $SPassword
+			}else{
+				write-verbose "Windows 2008 detected"
+				certutil -f -importpfx -p $Password $Path
+			}
+		}else
+		{
+			write-verbose "Import PFX Cert without using password"
+			if ((Get-WmiObject Win32_OperatingSystem  | select -ExpandProperty Version) -eq "6.3.9600"){
+				write-verbose "Windows 2012 detected"
+				Import-PfxCertificate -CertStoreLocation $CertificateBaseLocation -FilePath $Path
+			}else{
+				write-verbose "Windows 2008 detected"
+				certutil -f -importpfx $Path
+			}
+		}
     }
     else
     {
         $CertificateLocation = Join-path $CertificateBaseLocation $Name
-        Write-Verbose "Removing $CertificateLocation."
-        dir $CertificateLocation | Remove-Item -Force -Confirm:$false   
+        Write-Verbose "Removing $name from $CertificateBaseLocation."
+        gci $CertificateBaseLocation | ?{$_.Subject -match $name.Replace('*','')} | Remove-Item -Force -Confirm:$false
     }
 }
 
@@ -110,36 +134,39 @@ function Test-TargetResource
         [parameter()]
         [ValidateSet('Present','Absent')]
         [string]
-        $Ensure = 'Present'
+        $Ensure = 'Present',
+        [parameter()]
+        [string]
+        $Password
     )
 
     $IsValid = $false
-
-    $CertificateLocation = "cert:\$Location\$Store\$Name"
+    
+    $CertificateBaseLocation = "cert:\$Location\$Store\"
 
     if ($Ensure -like 'Present')
     {
-        Write-Verbose "Checking for $Name to be present in the $location store under $store."
-        if (Test-Path $CertificateLocation)
+        Write-Verbose "Checking for $Name to be present in the $CertificateBaseLocation store under $store."
+        if (gci $CertificateBaseLocation | ?{$_.Subject -match $name.Replace('*','')})
         {
-            Write-Verbose "Found a matching certficate at $CertificateLocation"
+            Write-Verbose "Found a matching certficate at $CertificateBaseLocation"
             $IsValid = $true
         }
         else
         {
-            Write-Verbose "Unable to find a matching certficate at $CertificateLocation"
+            Write-Verbose "Unable to find a matching certficate at $CertificateBaseLocation"
         }
     }
     else
     {
-        Write-Verbose "Checking for $Name to be absent in the $location store under $store."
-        if (Test-Path $CertificateLocation)
+        Write-Verbose "Checking for $Name to be absent in the $CertificateBaseLocation store under $store."
+        if (gci $CertificateBaseLocation | ?{$_.Subject -match $name.Replace('*','')})
         {
-            Write-Verbose "Found a matching certficate at $CertificateLocation"            
+            Write-Verbose "Found a matching certficate at $CertificateBaseLocation"            
         }
         else
         {
-            Write-Verbose "Unable to find a matching certficate at $CertificateLocation"
+            Write-Verbose "Unable to find a matching certficate at $CertificateBaseLocation"
             $IsValid = $true
         }
     }
diff --git a/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.schema.mof b/DSCResources/StackExchange_CertificateStore/StackExchange_CertificateStore.schema.mof
index b08023ea5dc82108f8086c31fc44ab73ee0fc5af..e87a991f03a0a71a00509070fd763d649c44ee51 100644
GIT binary patch
literal 806
zcmbu7-Ae*N6vfYT;Qz4fQ-Vmn)>DarlqH6}h{&qz2iY2pq7wVBtLNODLPk)CWp+O9
zJ@?+<o!M^Ms9=f&j^7(nd~u#&h76a8ag8#rI2Tbuga=wD^vN)wW{qd+KDd`>#k6zU
zha7!c<~(`je@0bmF*+#Vf;OKoGJC?4cT}<BJf<$gi2mJ^5hL8NrWe#vqxZcrq-av>
zm~+9beXf=9+x~4la=%80D#yCSqFm80$L$HfhEa{-{gxI(oF(=yA=iTII#-{}8RLm{
zs1s8=6P+@u7wV>ZrYhB)jP<lwmHHneKZxi487t)Vb?LTr(;-i&`Mb%``#62W$iyT%
p&wPiTasHegBRx+SR#;^oXB|z?BGPT@)i3RZ4)&USKkME2u>*T!i%S3i

literal 376
zcmaivK}!Qc42ACt`yYlmwXld@?MaskVpogBUP>u(e0GPfvyx=7rS!kM)50i4kPrwj
zFZp<jvLTT<SbQ4>_Uhu&4hwU~9^tLoJ<<mTwgjtx_l^`ZZ5ejB%rh77%uLB`##>iY
zSYvf=G}q>-x?kOr;2F|(?2u>sJX<_qw=|;c!`ei~=uDfE)=~RnuPEl!bg1ZaZzrvz
zrXpAS09zPacFYL+B4B$s`Q#s0;>KUvhfbWdIfhK~FZ`4tJuZ@OUXRlc^p9P7I1bWr
J40-7LRNvF)fA0VQ