zmeier/Backup
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
6173d9fa57bddfad10ae404dfc5a17eeecfec855
Backup/_NDGOV_WindowsTeam/ITD.Infra-Certificate-External.Sectigo/Public/Download-SectigoCertificate.ps1
T
Zack Meier 1d304511b8 update
2026-04-15 15:45:50 -05:00

71 lines
2.5 KiB
PowerShell
Raw Blame History

#'x509' - for Certificate (w/ chain), PEM encoded,
#'x509CO' - for Certificate only, PEM encoded,
#'base64' - for PKCS#7, PEM encoded,
#'bin' - for PKCS#7, 'x509IO' - for Root/Intermediate(s) only, PEM encoded,
#'x509IOR' - for Intermediate(s)/Root only, PEM encoded,
#'pem' - for Certificate (w/ chain), PEM encoded,
#'pemco' - for Certificate only, PEM encoded,
#'pemia' - for Certificate (w/ issuer after), PEM encoded,
#'x509R' - for Certificate (w/ chain), PEM encoded.
# base64 is default.
function Download-SectigoCertificate {
[CmdletBinding(SupportsShouldProcess=$true)]
param (
[string]$ApiToken=$env:SectigoToken,
[string]$CertRootPath="c:\certs",
[ValidateSet('x509','x509CO','base64','bin','x509IOR','pem','pemco','pemia','x509R' )]
[string]$Format="x509CO",
[Parameter(Mandatory=$true)]
[string]$OrderId
)
if (-Not $ApiToken) {
$ApiToken=Read-Host "ApiToken:"
}
. $PSScriptRoot\..\Private\Set-Onload.ps1
[string]$CollectUrl = "${BaseAPIUrl}/api/ssl/v1/collect/${OrderId}?format=${format}"
Write-Verbose -Verbose "CollectUrl: $CollectUrl"
$headers = @{
"Authorization" = "Bearer $ApiToken"
"Content-Type" = "application/json" # <-- Cleaned up syntax
}
# --- API Call ---
Write-Verbose "Attempting to retrieve certificate for Order ID: $OrderId"
try {
$response = Invoke-WebRequest -Uri $CollectUrl -Method Get -Headers $headers -UseBasicParsing -ErrorAction Stop
} catch {
Write-Error "API Request Failed: $($_.Exception.Message)"
return $null
}
$OutPath = "${CertRootPath}\cert_${OrderId}.cer"
# --- Response Processing ---
if ($response.StatusCode -eq 200) {
Write-Verbose "Certificate successfully retrieved (Status 200)."
# 1. Get the Hex String
# ASSUMPTION: The API returns the raw certificate Hex string in the response content.
# If the API returns JSON, you must use 'ConvertFrom-Json' first to extract the hex property.
$decimalNumbersString = $response.Content
$numberStrings = $decimalNumbersString -split '\s+|,|\r?\n' | Where-Object { $_ }
try {
[byte[]]$bytes = $numberStrings | ForEach-Object { [int]$_ }
} catch {
Write-Error "Error converting numbers. Ensure all numbers are between 0 and 255."
exit
}
# Write the byte array to the binary file
[System.IO.File]::WriteAllBytes($OutPath , $bytes)
Get-ChildItem $OutPath|select fullname, LastWriteTime
}
}
Reference in New Issue View Git Blame Copy Permalink