Open mhenderson-so opened 6 years ago
Hi @mhenderson-so - good call out.
I think the best method is for the parameter to support all the available key sizes for RSA and EDCH keys but we will need to create an Assert-ResourceProperty
function that will be called inside Test-TargetResource
and Set-TargetResource
that will validate the parameter combination.
I'll take a look at implementing this over this weekend.
Details of the scenario you tried and the problem that is occurring: When attempting to use xCertReq to request an ECDH certificate, you typically use a key length of 192, 224, 256, 384 or 521. Currently if you try to specify one of those key lengths, the module throws an error of:
Patching this in for a one-off is simple enough, but it is a "dumb" patch that permits any of the key sizes for any of the certificates, even if they are not valid for that certificate type. Maybe that's a valid workaround for this module? If so, more than happy to provide a PR.
E.g. RSA keys should have
1024, 2048, 4096, 8192
, but EDCH keys should have192, 224, 256, 384, 521
Version of the Operating System and PowerShell the DSC Target Node is running: Windows Server 2016, PSVersion 5.1.14393.1884
Version of the DSC module you're using, or 'dev' if you're using current dev branch: 3.0.0.0