search

j81blog / GenLeCertForNS

This script helps you to create a Let's Encrypt certificate for your NetScaler
GNU General Public License v3.0
39 stars 16 forks source link

CsVipName is needed even with ValidationMethod "dns" #5

Closed TravisWilder closed 1 year ago

TravisWilder commented 3 years ago

Hello

When DNS is used it still ask for CsVipName. In older Version you could just say "dummy", but now it is check against the NS.

Workaround for me: set LECertificates to $false

[Parameter(ParameterSetName = "CommandPolicy", Mandatory = $true)]
    [Parameter(ParameterSetName = "CommandPolicyUser", Mandatory = $false)]
    [Parameter(ParameterSetName = "LECertificates", Mandatory = $false)]
    [Parameter(ParameterSetName = "CleanADC", Mandatory = $false)]
    [ValidateNotNullOrEmpty()]
    [alias("NSCsVipName")]
    [String[]]$CsVipName,

BTW: I add function to use autodns / internetx direct api to do the dns changes

function Remove-AutoDNSRecord($user,$pass,$zone,$name,$type='TXT',$pref,$ttl=300,$value) {
    $ns="a.ns14.net"
    $style="rr_rem"
    $xmlpost ='<?xml version="1.0" encoding="utf-8"?>
    <request>
    <auth>
    <user>'+$user+'</user>
    <password>'+$pass+'</password>
    <context>4</context>
    </auth>
    <task>
    <code>0202001</code>
    <default>
    <'+$style+'>
    <name>'+$name+'</name>
    <type>'+$type+'</type>
    <pref>'+$pref+'</pref>
    <ttl>'+$ttl+'</ttl>
    <value>'+$value+'</value>
    </'+$style+'>
    </default>
    <zone>
    <name>'+$zone+'</name>
    <system_ns>'+$ns+'</system_ns>
    </zone>
    </task>
    </request>'
    $result = Invoke-RestMethod -URI https://gateway.autodns.com -body $xmlpost -Method post
    return $result.response.result.msg.text
}

function Add-AutoDNSRecord($user,$pass,$zone,$name,$type='TXT',$ttl=300,$pref,$value) {
    $ns="a.ns14.net"
    $style="rr_add"
    $xmlpost ='<?xml version="1.0" encoding="utf-8"?>
    <request>
    <auth>
    <user>'+$user+'</user>
    <password>'+$pass+'</password>
    <context>4</context>
    </auth>
    <task>
    <code>0202001</code>
    <default>
    <'+$style+'>
    <name>'+$name+'</name>
    <type>'+$type+'</type>
    <pref>'+$pref+'</pref>
    <ttl>'+$ttl+'</ttl>
    <value>'+$value+'</value>
    </'+$style+'>
    </default>
    <zone>
    <name>'+$zone+'</name>
    <system_ns>'+$ns+'</system_ns>
    </zone>
    </task>
    </request>'
    $result = Invoke-RestMethod -URI https://gateway.autodns.com -body $xmlpost -Method post
    return $result.response.result.msg.text
}
j81blog commented 3 years ago

Version v2.9.0 contains a small fix so you can just enter "dummy" text again for -CsVipName parameter. It will now just skip the check if DNS validation is used.

j81blog commented 3 years ago

I'm thinking about implementing something for passing DNS options to Posh-ACME, the LE module I'm using. But currently the DNS validation method is not used often.

j81blog commented 1 year ago

To use DNS options from Posh-ACME is supported in latest versions of the dev version.

.PARAMETER DNSPlugin
    Refer to the Posh-ACME plugins for the parameters, https://github.com/rmbolger/Posh-ACME/tree/main/Posh-ACME/Plugins
    Define the name with this parameter. You must also configure the 'DNSParams' parameter.
    Example: -DNSPlugin 'Aurora'
.PARAMETER DNSParams
    Define the Parameters required for the DNS plugin to be used with the 'DNSPlugin' parameter.
    You can define the value as a hashtable: -DNSParams @{ Api='api.auroradns.eu'; Key='XXXXXXXXXX'; Secret='YYYYYYYYYYYYYYYY' }
    Or as a string value (to be used in batch files): -DNSParams "Api=api.auroradns.eu;Key=XXXXXXXXXX;Secret=YYYYYYYYYYYYYYYY"