(#281) Bring Thumbprint Parameters Into Line

Having CertificateThumbprint and Thumbprint treated differently across the scripts is annoying, and can introduce confusion.

This change brings all the scripts into the same $Thumbprint (with an alias for folk who instinctively use CertificateThumbprint), and an argument completer.

Author: JPRuskin

Set-SslSecurity.ps1

@@ -22,12 +22,12 @@ param(
     # Ignored if supplied alongside -Subject.
     [Parameter(ValueFromPipeline, ParameterSetName='Thumbprint')]
     [ArgumentCompleter({
-        Get-ChildItem Cert:\LocalMachine\My | ForEach-Object {
+        Get-ChildItem Cert:\LocalMachine\TrustedPeople | ForEach-Object {
             [System.Management.Automation.CompletionResult]::new(
                 $_.Thumbprint,
                 $_.Thumbprint,
-                'ParameterValue',
-                $_.FriendlyName
+                "ParameterValue",
+                ($_.Subject -replace "^CN=(?<FQDN>.+),?.*$",'${FQDN}')
             )
         }
     })]

Start-C4bCcmSetup.ps1

@@ -19,9 +19,19 @@ param(
 
     # Certificate to use for CCM service
     [Parameter()]
-    [Alias('Thumbprint')]
+    [Alias('CertificateThumbprint')]
+    [ArgumentCompleter({
+        Get-ChildItem Cert:\LocalMachine\TrustedPeople | ForEach-Object {
+            [System.Management.Automation.CompletionResult]::new(
+                $_.Thumbprint,
+                $_.Thumbprint,
+                "ParameterValue",
+                ($_.Subject -replace "^CN=(?<FQDN>.+),?.*$",'${FQDN}')
+            )
+        }
+    })]
     [String]
-    $CertificateThumbprint
+    $Thumbprint
 )
 process {
     $DefaultEap = $ErrorActionPreference
@@ -123,19 +133,19 @@ process {
 
     Write-Host "Installing Chocolatey Central Management Service"
     $chocoArgs = @('install', 'chocolatey-management-service', "--source='ChocolateyInternal'", '-y', "--package-parameters-sensitive=`"/ConnectionString:'Server=Localhost\SQLEXPRESS;Database=ChocolateyManagement;User ID=$DatabaseUser;Password=$DatabaseUserPw;'`"", '--no-progress')
-    if ($CertificateThumbprint) {
+    if ($Thumbprint) {
         Write-Verbose "Validating certificate is in LocalMachine\TrustedPeople Store"
-        if (-not (Get-Item Cert:\LocalMachine\TrustedPeople\$CertificateThumbprint -EA 0) -and -not (Get-Item Cert:\LocalMachine\My\$CertificateThumbprint -EA 0)) {
-            Write-Warning "You specified $CertificateThumbprint for use with CCM service, but the certificate is not in the required LocalMachine\TrustedPeople store!"
-            Write-Warning "Please place certificate with thumbprint: $CertificateThumbprint in the LocalMachine\TrustedPeople store and re-run this step"
+        if (-not (Get-Item Cert:\LocalMachine\TrustedPeople\$Thumbprint -EA 0) -and -not (Get-Item Cert:\LocalMachine\My\$Thumbprint -EA 0)) {
+            Write-Warning "You specified $Thumbprint for use with CCM service, but the certificate is not in the required LocalMachine\TrustedPeople store!"
+            Write-Warning "Please place certificate with thumbprint: $Thumbprint in the LocalMachine\TrustedPeople store and re-run this step"
             throw "Certificate not in correct location... exiting."
-        } elseif ($MyCertificate = Get-Item Cert:\LocalMachine\My\$CertificateThumbprint -EA 0) {
+        } elseif ($MyCertificate = Get-Item Cert:\LocalMachine\My\$Thumbprint -EA 0) {
             Write-Verbose "Copying certificate from 'Personal' store to 'TrustedPeople'"
             Copy-CertToStore $MyCertificate
         } else {
             Write-Verbose "Certificate has been successfully found in correct store"
         }
-        $chocoArgs += @("--package-parameters='/CertificateThumbprint=$CertificateThumbprint'")
+        $chocoArgs += @("--package-parameters='/CertificateThumbprint=$Thumbprint'")
     }
     & Invoke-Choco @chocoArgs
 

Start-C4bSetup.ps1

@@ -63,6 +63,16 @@ param(
     # the local machine certificate stores.
     # Only used in Unattend mode for the SSL setup script.
     [Parameter(ParameterSetName='Unattended')]
+    [ArgumentCompleter({
+        Get-ChildItem Cert:\LocalMachine\TrustedPeople | ForEach-Object {
+            [System.Management.Automation.CompletionResult]::new(
+                $_.Thumbprint,
+                $_.Thumbprint,
+                "ParameterValue",
+                ($_.Subject -replace "^CN=(?<FQDN>.+),?.*$",'${FQDN}')
+            )
+        }
+    })]
     [string]
     $Thumbprint,
 

scripts/Set-CCMCert.ps1

@@ -16,8 +16,19 @@ PS> .\Set-CCMCert.ps1 -CertificateThumbprint 'Your_Certificate_Thumbprint_Value'
 [CmdletBinding()]
 param(
     [Parameter(Mandatory)]
+    [Alias("CertificateThumbprint")]
+    [ArgumentCompleter({
+        Get-ChildItem Cert:\LocalMachine\TrustedPeople | ForEach-Object {
+            [System.Management.Automation.CompletionResult]::new(
+                $_.Thumbprint,
+                $_.Thumbprint,
+                "ParameterValue",
+                ($_.Subject -replace "^CN=(?<FQDN>.+),?.*$",'${FQDN}')
+            )
+        }
+    })]
     [String]
-    $CertificateThumbprint
+    $Thumbprint
 )
 
 begin {
@@ -41,14 +52,14 @@ process {
     #Add new CCM Web IIS Binding
         Write-Verbose "Adding new IIS binding to Chocolatey Central Management"
         $guid = [Guid]::NewGuid().ToString("B")
-        netsh http add sslcert ipport=0.0.0.0:443 certhash=$CertificateThumbprint certstorename=MY appid="$guid"
+        netsh http add sslcert ipport=0.0.0.0:443 certhash=$Thumbprint certstorename=MY appid="$guid"
         Get-WebBinding -Name ChocolateyCentralManagement | Remove-WebBinding
         New-WebBinding -Name ChocolateyCentralManagement -Protocol https -Port 443 -SslFlags 0 -IpAddress '*'        
 
     #Write Thumbprint to CCM Service appsettings.json
         $appSettingsJson = 'C:\ProgramData\chocolatey\lib\chocolatey-management-service\tools\service\appsettings.json'
         $json = Get-Content $appSettingsJson | ConvertFrom-Json
-        $json.CertificateThumbprint = $CertificateThumbprint
+        $json.CertificateThumbprint = $Thumbprint
         $json | ConvertTo-Json | Set-Content $appSettingsJson -Force
 
     #Try Restarting CCM Service

scripts/Set-JenkinsCert.ps1

@@ -11,7 +11,19 @@
 param(
     # Thumbprint of the certificate stored in the Trusted People cert-store.
     [Parameter(Mandatory)]
-    [string]$Thumbprint,
+    [Alias("CertificateThumbprint")]
+    [ArgumentCompleter({
+        Get-ChildItem Cert:\LocalMachine\TrustedPeople | ForEach-Object {
+            [System.Management.Automation.CompletionResult]::new(
+                $_.Thumbprint,
+                $_.Thumbprint,
+                "ParameterValue",
+                ($_.Subject -replace "^CN=(?<FQDN>.+),?.*$",'${FQDN}')
+            )
+        }
+    })]
+    [String]
+    $Thumbprint,
 
     # Port number to use for Jenkins HTTPS.
     [uint16]$Port = 7443

scripts/Set-NexusCert.ps1

@@ -18,7 +18,18 @@ PS> .\Set-NexusCert.ps1 -Thumbprint 'Your_Certificate_Thumbprint_Value' -NexusPo
 [CmdletBinding()]
 param(
     [Parameter(Mandatory)]
-    [string]
+    [Alias("CertificateThumbprint")]
+    [ArgumentCompleter({
+        Get-ChildItem Cert:\LocalMachine\TrustedPeople | ForEach-Object {
+            [System.Management.Automation.CompletionResult]::new(
+                $_.Thumbprint,
+                $_.Thumbprint,
+                "ParameterValue",
+                ($_.Subject -replace "^CN=(?<FQDN>.+),?.*$",'${FQDN}')
+            )
+        }
+    })]
+    [String]
     $Thumbprint,
 
     [Parameter()]