There is an error when you would like to add a Trusted Root Trusted Root Authority with CertificateThumbprint parameter.
The resource don't find the certificate even if it's present on the local machine.
SPTrustedRootAuthority "My super power trusted root authority to add"
{
Name = $ConfigurationData.NonNodeData.TrustedRootAuthority.TrustA.Name
CertificateThumbprint = $ConfigurationData.NonNodeData.Certificates.TrustA.Thumbprint
Ensure = "Present"
PsDscRunAsCredential = $psdscsetup
}
Issue is caused by lines 185 and 267:
$cert = Get-ChildItem -Path "Cert:\LocalMachine\*$($params.CertificateThumbprint)"
Running PS command like following is not working:
Get-ChildItem -Path "Cert:\LocalMachine\*CERT76DFGHJZTH445678VDFGF5434356CVDFGFH4"
The correct one is the following:
Get-ChildItem -Path "Cert:\LocalMachine\*\CERT76DFGHJZTH445678VDFGF5434356CVDFGFH4"
It's just missing a \ after the wildcard.
Did the correction on my side and was working well.
Let me know if you need more information.
Best,
julmsy
Verbose logs
VERBOSE: [MACHINE]: [[SPTrustedRootAuthority]TrustedRootAuthority_TrustA] Importing certificate from CertificateThumbprint
VERBOSE: [MACHINE]: LCM: [ End Set ] [[SPTrustedRootAuthority]TrustedRootAuthority_TrustA] in 0.5580 seconds.
PowerShell DSC resource MSFT_SPTrustedRootAuthority failed to execute Set-TargetResource functionality with error
message: Certificate not found in the local Certificate Store
+ CategoryInfo : InvalidOperation: (:) [], CimException
+ FullyQualifiedErrorId : ProviderOperationExecutionFailure
+ PSComputerName : machine.contoso.com
PowerShell DSC resource MSFT_SPTrustedRootAuthority failed to execute Set-TargetResource functionality with error
message: Certificate not found in the local Certificate Store
+ CategoryInfo : InvalidOperation: (:) [], CimException
+ FullyQualifiedErrorId : ProviderOperationExecutionFailure
+ PSComputerName : machine.contoso.com
DSC configuration
SPTrustedRootAuthority "My super power trusted root authority to add"
{
Name = $ConfigurationData.NonNodeData.TrustedRootAuthority.TrustA.Name
CertificateThumbprint = $ConfigurationData.NonNodeData.Certificates.TrustA.Thumbprint
Ensure = "Present"
PsDscRunAsCredential = $psdscsetup
}
Suggested solution
Add a '\' after the wildcard to fix the cert: path.
SharePoint version and build
SharePoint 2016
Operating system the target node is running
OsName : Microsoft Windows Server 2019 Datacenter
OsOperatingSystemSKU : DatacenterServerEdition
OsArchitecture : 64-bit
WindowsVersion : 1809
WindowsBuildLabEx : 17763.1.amd64fre.rs5_release.180914-1434
OsLanguage : en-US
OsMuiLanguages : {en-US}
PowerShell version and build the target node is running
Problem description
Hello SharePointDsc community,
There is an error when you would like to add a Trusted Root Trusted Root Authority with CertificateThumbprint parameter. The resource don't find the certificate even if it's present on the local machine.
Issue is caused by lines 185 and 267:
$cert = Get-ChildItem -Path "Cert:\LocalMachine\*$($params.CertificateThumbprint)"
Running PS command like following is not working:
Get-ChildItem -Path "Cert:\LocalMachine\*CERT76DFGHJZTH445678VDFGF5434356CVDFGFH4"
The correct one is the following:
Get-ChildItem -Path "Cert:\LocalMachine\*\CERT76DFGHJZTH445678VDFGF5434356CVDFGFH4"
It's just missing a\
after the wildcard.Did the correction on my side and was working well.
Let me know if you need more information.
Best, julmsy
Verbose logs
DSC configuration
Suggested solution
Add a '\' after the wildcard to fix the cert: path.
SharePoint version and build
Operating system the target node is running
PowerShell version and build the target node is running
SharePointDsc version