When importing a certificate with the full certificate chain including the intermediate certificate authority, it would be good if the Add-DbaComputerCertificate would have an option to import all of it instead of just the server cert.
Is there a command that is similiar or close to what you are looking for?
Yes
Technical Details
When importing a certificate from let's encrypt using the the Add-DbaComputerCertificate cmdlet, it only imports the cert and not the full chain including the intermediate root cert. If I then try to assigne the cert using Set-DbaNetworkCertificate it fails to assign read permissions to the cert, and I get the following error
WARNING: Read-only permissions could not be granted to certificate, unable to determine private key path.
If i import the certificate using the Import-PfxCertificate cmdlet like shown below, it imports the server cert and intermediate root cert (the full chain), then when using Set-DbaNetworkCertificate i don't get the read-only permission error like i previously did.
Summarize Functionality
When importing a certificate with the full certificate chain including the intermediate certificate authority, it would be good if the Add-DbaComputerCertificate would have an option to import all of it instead of just the server cert.
Is there a command that is similiar or close to what you are looking for?
Yes
Technical Details
When importing a certificate from let's encrypt using the the Add-DbaComputerCertificate cmdlet, it only imports the cert and not the full chain including the intermediate root cert. If I then try to assigne the cert using Set-DbaNetworkCertificate it fails to assign read permissions to the cert, and I get the following error
WARNING: Read-only permissions could not be granted to certificate, unable to determine private key path.
If i import the certificate using the Import-PfxCertificate cmdlet like shown below, it imports the server cert and intermediate root cert (the full chain), then when using Set-DbaNetworkCertificate i don't get the read-only permission error like i previously did.