Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SqlServerSecureConnection: Certificate Thumbprint is case-sensitive #1350

Closed
Teutenberg opened this issue May 1, 2019 · 0 comments · Fixed by #1376
Closed

SqlServerSecureConnection: Certificate Thumbprint is case-sensitive #1350

Teutenberg opened this issue May 1, 2019 · 0 comments · Fixed by #1376
Labels
bug The issue is a bug.

Comments

@Teutenberg
Copy link
Contributor

Details of the scenario you tried and the problem that is occurring

DSC resource works and configures certificate but it won't show in Configuration manager if the certificate thumbprint is upper case.

PowerShell command returns thumbprint upper-case:
(Get-ChildItem cert:\LocalMachine\my | ? FriendlyName -eq "SQL Certificate" | Select-Object -Property Thumbprint).Thumbprint

Suggested solution to the issue

Either document that lower case is required, or force thumbprint lower

The DSC configuration that is used to reproduce the issue (as detailed as possible)

[string]$CertificateThumbprint = (Get-ChildItem cert:\LocalMachine\my | ? FriendlyName -eq "SQL Certificate" | Select-Object -Property Thumbprint).Thumbprint
$SqlServices = Get-DbaService -Type Engine | Where { $_.State -ieq "Running" }

foreach ($srv in $SqlServices) {
    if ($srv.StartName -ieq "LocalSystem") {
        $ServiceAccount = "NT AUTHORITY\SYSTEM"
    }
    else {
        $ServiceAccount = $srv.StartName
    }

    $Params = @{
        InstanceName    = $srv.InstanceName
        Thumbprint      = $CertificateThumbprint
        ForceEncryption = $false
        Ensure          = 'Present'
        ServiceAccount  = $ServiceAccount
    }
    
    if (Invoke-DscResource -ModuleName SqlServerDsc -Name SqlServerSecureConnection -Property $Params -Method Test) {
        Write-Host "Skipping SqlServerSecureConnection... Instance already configured: $($srv.InstanceName)"
    }
    else {
        Write-Host "Configuring SqlServerSecureConnection... Instance: $($srv.InstanceName)"
        Invoke-DscResource -ModuleName SqlServerDsc -Name SqlServerSecureConnection -Property $Params -Method Set -Verbose
    }
}
@johlju johlju added bug The issue is a bug. help wanted The issue is up for grabs for anyone in the community. labels May 1, 2019
@Teutenberg Teutenberg mentioned this issue Jun 23, 2019
Merged
9 tasks
@johlju johlju added in progress The issue is being actively worked on by someone. and removed help wanted The issue is up for grabs for anyone in the community. labels Jun 23, 2019
johlju pushed a commit that referenced this issue Jul 2, 2019
@Teutenberg @johlju
SqlServerSecureConnection: Fix issue #1350 (#1376)
728a1cf 
- Changes to SqlServerSecureConnection
  - Forced $Thumbprint to lowercase to fix issue #1350
@johlju johlju removed the in progress The issue is being actively worked on by someone. label Jul 2, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug The issue is a bug.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

SqlServerSecureConnection: Fix issue #1350
2 participants
@johlju @Teutenberg