/
Update-CertificateAuthorityCRL.ps1
106 lines (70 loc) · 2.77 KB
/
Update-CertificateAuthorityCRL.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
# Copyright 2018 Hewlett Packard Enterprise Development LP
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
<#
.SYNOPSIS
Update expired certificate authority CRL.
.DESCRIPTION
Use this script to upload updated CRL's to both appliance built-in and administrator added certificate authorities.
.Parameter ApplianceConnection
One or more HPOneView.Appliance.Connection objects to syncronize directories to.
.INPUTS
None. You cannot pipe objects to this cmdlet.
.OUTPUTS
HPOneView.Appliance.TaskResource
Async task final status.
.OUTPUTS
HPOneView.Appliance.TrustedCertificateAuthority
The updated certificate authority objects.
.LINK
Connect-HPOVMgmt
.EXAMPLE
PS C:\> Connect-HPOVMgmt -Hostname Appliance1.domain.com -Credential $MyAdminCreds
PS C:\> Connect-HPOVMgmt -Hostname Appliance2.domain.com -Credential $MyAdminCreds
PS C:\> .\Update-CertificateAuthorityCRL.ps1
Update all certificate authorities with expired CRLs.
#>
[CmdletBinding (DefaultParameterSetName = 'Default')]
Param
(
[Parameter (Mandatory = $false, ParameterSetName = 'Default')]
[HPOneView.Appliance.Connection[]]$ApplianceConnection = $ConnectedSessions
)
ForEach ($_Appliance in $ApplianceConnection)
{
Try
{
# Get the certificate authorities
$ExpiredCertCrls = Get-HPOVApplianceTrustedCertificate -CertificateAuthoritiesOnly -ApplianceConnection $_Appliance | ? Status -match "CRL Expired"
}
Catch
{
$PSCmdlet.ThrowTerminatingError($_)
}
$e = 1
ForEach ($ExpiredCertCrl in $ExpiredCertCrls)
{
Write-Progress -Activity "Update Certificate Authority expired CRL" -Status ("Processing '{0}'" -f $ExpiredCertCrl.Name) -PercentComplete ($e / $ExpiredCertCrls.Count)
Try
{
Update-HPOVApplianceTrustedAuthorityCrl -InputObject $ExpiredCertCrl -ApplianceConnection $ExpiredCertCrl.ApplianceConnection
}
Catch
{
$PSCmdlet.ThrowTerminatingError($_)
}
$e++
}
Write-Progress -Activity "Update Certificate Authority expired CRL" -Completed
Get-HPOVApplianceTrustedCertificate -CertificateAuthoritiesOnly -ApplianceConnection $_Appliance
}