Closed kduvzc closed 3 years ago
ashishdhingra
commented
3 years ago Hi @kduvzc,
Good morning.
As per Microsoft's Install-Module documentation at , -Force parameter allows for multiple versions to be installed for the module. Please let me know if -Force parameter works fine along with -SkipPublisherCheck for your scenario. I would suggest testing in a test non-production box first to avoid any unknown issues.
Thanks, Ashish
kduvzc
commented
3 years ago Hi @ashishdhingra !
As stated in the problem description "Unfortunately, we're relying on the RequiredModules property in a psd1 file to install the modules". We're not issuing the Install-Module cmdlet to install the module. I believe PowerShellGet takes care of the installation of the RequiredModules it finds in the psd1 file behind the scenes: therefore there is no way to either pass a -Force or -SkipPublisherCheck
ashishdhingra
commented
3 years ago Hi @kduvzc,
I tried to find solution online for this use case. Unfortunately, PowerShellGet automatically downloads (may be using Install-Module) behind the scenes, and I do not see a way to configure SkipVersionCheck for the RequiredModules dependencies. The only (wacky) un-tested workaround I could think of is to:
Find-Module) for the required AWSPowershell.NetCore version and if it is not present, invoke Install-Module with the SkipVersionCheck command.AWSPowershell.NetCore version, but invoke the common module to install the specified version of AWSPowershell.NetCore as a first check.This is a limitation of PowerShell and not sure if we could make RequiredModules work with SkipVersionCheck flag.
Hope this helps.
Thanks, Ashish
kduvzc
commented
3 years ago What about republishing all of the previous versions of AWSPowerShell.NetCore signed with the newer root certification authority?
By the way... why was this changed in the first place?
ashishdhingra
commented
3 years ago Hi @kduvzc,
Good morning.
Previous versions of AWSPowerShell.NetCore are already published to NuGet and would not be updated with the newer root certificate authority due to obvious reasons. Please refer to Announcement which was made when this issue occurred. The new certificate was issued with Amazon Web Services entity which makes sense since SDKs are managed by AWS.
Thanks, Ashish
github-actions[bot]
commented
3 years ago This issue has not recieved a response in 2 weeks. If you want to keep this issue open, please just leave a comment below and auto-close will be canceled.
It seems like the root certification authority used to sign the AWSPowershell.NetCore package has recently changed: version 4.0.5.0 root certification authority is VeriSign Universal Root Certification Authority while version 4.1.2.0 uses Amazon Web Services, Inc. . When PowerShellGet attempts to install the newer 4.1.2.0 onto a machine which already has version 4.0.5.0 installed, it fails with
suggesting us to execute the Install-Module with the -SkipPublisherCheck flag. Unfortunately, we're relying on the RequiredModules property in a psd1 file to install the modules. We cannot simply uninstall the 4.0.5.0 version as it is needed to support older scripts. Is there a way to avoid this issue?