search

devblackops / NetScaler

PowerShell module for interacting with Citrix NetScaler via the Nitro API
Apache License 2.0
69 stars 32 forks source link

Cannot add root CA/DER certificates #22

Closed iainbrighton closed 8 years ago

iainbrighton commented 8 years ago

When adding Root CA certificates, they don't typically have private keys. However, the Add-NSCertKeyPair passes the KeyPath parameter when it's blank, causing the cmdlet to error.

Current Behavior

PS C:> ipmo NetScaler -Force
PS C:> $ns = Connect-NetScaler -IPAddress 10.200.0.100 -Credential nsroot -PassThru
PS C:> Add-NSCertKeyPair -Session $ns -CertKeyName TestLabRootCA -CertPath /nsconfig/ssl/TestLabRootCA.cer -CertKeyFormat DER -Verbose
VERBOSE: Performing the operation "Add SSL certificate and private key pair" on target "TestLabRootCA".
VERBOSE: URI: http://10.200.0.100/nitro/v1/config/sslcertkey?action=add
VERBOSE: JSON Payload:
{
    "sslcertkey":  {
                       "key":  "",
                       "certkey":  "TestLabRootCA",
                       "cert":  "/nsconfig/ssl/TestLabRootCA.cer",
                       "inform":  "DER"
                   },
    "params":  {
                   "onerror":  "EXIT",
                   "warning":  "NO"
               }
}
Invoke-RestMethod : { "errorcode": 1107, "message": "String too short [key, 1]", "severity": "ERROR" }
At C:\Program Files\WindowsPowerShell\Modules\NetScaler\Private\_InvokeNSRestApi.ps1:144 char:21
+         $response = Invoke-RestMethod @restParams
+                     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebExc
   eption
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand

Possible Solution

Change https://github.com/devblackops/NetScaler/blob/master/NetScaler/Public/Add-NSCertKeyPair.ps1#L89-L94 to:

$params = @{
    certkey = $CertKeyName
    cert = $CertPath
    inform = $CertKeyFormat
}
if ($PSBoundParameter.ContainsKey('KeyPath')) {
    $params.Add('key', $KeyPath)
}

Your Environment

iainbrighton commented 8 years ago

I'm happy to submit a PR for this change if you would like me to?

devblackops commented 8 years ago

Please do!