update
This commit is contained in:
Zack Meier
+71
@@ -0,0 +1,71 @@
|
||||
|
||||
#'x509' - for Certificate (w/ chain), PEM encoded,
|
||||
#'x509CO' - for Certificate only, PEM encoded,
|
||||
#'base64' - for PKCS#7, PEM encoded,
|
||||
#'bin' - for PKCS#7, 'x509IO' - for Root/Intermediate(s) only, PEM encoded,
|
||||
#'x509IOR' - for Intermediate(s)/Root only, PEM encoded,
|
||||
#'pem' - for Certificate (w/ chain), PEM encoded,
|
||||
#'pemco' - for Certificate only, PEM encoded,
|
||||
#'pemia' - for Certificate (w/ issuer after), PEM encoded,
|
||||
#'x509R' - for Certificate (w/ chain), PEM encoded.
|
||||
# base64 is default.
|
||||
|
||||
function Download-SectigoCertificate {
|
||||
[CmdletBinding(SupportsShouldProcess=$true)]
|
||||
param (
|
||||
[string]$ApiToken=$env:SectigoToken,
|
||||
[string]$CertRootPath="c:\certs",
|
||||
[ValidateSet('x509','x509CO','base64','bin','x509IOR','pem','pemco','pemia','x509R' )]
|
||||
[string]$Format="x509CO",
|
||||
|
||||
[Parameter(Mandatory=$true)]
|
||||
[string]$OrderId
|
||||
)
|
||||
|
||||
if (-Not $ApiToken) {
|
||||
$ApiToken=Read-Host "ApiToken:"
|
||||
}
|
||||
. $PSScriptRoot\..\Private\Set-Onload.ps1
|
||||
|
||||
[string]$CollectUrl = "${BaseAPIUrl}/api/ssl/v1/collect/${OrderId}?format=${format}"
|
||||
|
||||
Write-Verbose -Verbose "CollectUrl: $CollectUrl"
|
||||
$headers = @{
|
||||
"Authorization" = "Bearer $ApiToken"
|
||||
"Content-Type" = "application/json" # <-- Cleaned up syntax
|
||||
}
|
||||
|
||||
# --- API Call ---
|
||||
Write-Verbose "Attempting to retrieve certificate for Order ID: $OrderId"
|
||||
|
||||
try {
|
||||
$response = Invoke-WebRequest -Uri $CollectUrl -Method Get -Headers $headers -UseBasicParsing -ErrorAction Stop
|
||||
} catch {
|
||||
Write-Error "API Request Failed: $($_.Exception.Message)"
|
||||
return $null
|
||||
}
|
||||
$OutPath = "${CertRootPath}\cert_${OrderId}.cer"
|
||||
|
||||
# --- Response Processing ---
|
||||
if ($response.StatusCode -eq 200) {
|
||||
Write-Verbose "Certificate successfully retrieved (Status 200)."
|
||||
|
||||
# 1. Get the Hex String
|
||||
# ASSUMPTION: The API returns the raw certificate Hex string in the response content.
|
||||
# If the API returns JSON, you must use 'ConvertFrom-Json' first to extract the hex property.
|
||||
$decimalNumbersString = $response.Content
|
||||
|
||||
$numberStrings = $decimalNumbersString -split '\s+|,|\r?\n' | Where-Object { $_ }
|
||||
|
||||
try {
|
||||
[byte[]]$bytes = $numberStrings | ForEach-Object { [int]$_ }
|
||||
} catch {
|
||||
Write-Error "Error converting numbers. Ensure all numbers are between 0 and 255."
|
||||
exit
|
||||
}
|
||||
|
||||
# Write the byte array to the binary file
|
||||
[System.IO.File]::WriteAllBytes($OutPath , $bytes)
|
||||
Get-ChildItem $OutPath|select fullname, LastWriteTime
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user