Closed iainbrighton closed 8 years ago
When adding Root CA certificates, they don't typically have private keys. However, the Add-NSCertKeyPair passes the KeyPath parameter when it's blank, causing the cmdlet to error.
KeyPath
PS C:> ipmo NetScaler -Force PS C:> $ns = Connect-NetScaler -IPAddress 10.200.0.100 -Credential nsroot -PassThru PS C:> Add-NSCertKeyPair -Session $ns -CertKeyName TestLabRootCA -CertPath /nsconfig/ssl/TestLabRootCA.cer -CertKeyFormat DER -Verbose VERBOSE: Performing the operation "Add SSL certificate and private key pair" on target "TestLabRootCA". VERBOSE: URI: http://10.200.0.100/nitro/v1/config/sslcertkey?action=add VERBOSE: JSON Payload: { "sslcertkey": { "key": "", "certkey": "TestLabRootCA", "cert": "/nsconfig/ssl/TestLabRootCA.cer", "inform": "DER" }, "params": { "onerror": "EXIT", "warning": "NO" } } Invoke-RestMethod : { "errorcode": 1107, "message": "String too short [key, 1]", "severity": "ERROR" } At C:\Program Files\WindowsPowerShell\Modules\NetScaler\Private\_InvokeNSRestApi.ps1:144 char:21 + $response = Invoke-RestMethod @restParams + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebExc eption + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand
Change https://github.com/devblackops/NetScaler/blob/master/NetScaler/Public/Add-NSCertKeyPair.ps1#L89-L94 to:
$params = @{ certkey = $CertKeyName cert = $CertPath inform = $CertKeyFormat } if ($PSBoundParameter.ContainsKey('KeyPath')) { $params.Add('key', $KeyPath) }
I'm happy to submit a PR for this change if you would like me to?
Please do!
When adding Root CA certificates, they don't typically have private keys. However, the Add-NSCertKeyPair passes the
KeyPath
parameter when it's blank, causing the cmdlet to error.Current Behavior
Possible Solution
Change https://github.com/devblackops/NetScaler/blob/master/NetScaler/Public/Add-NSCertKeyPair.ps1#L89-L94 to:
Your Environment