CertReq: Get-TargetResource will try to find incorrect certificate if X500 subject is used

[p0shkar]

Details of the scenario you tried and the problem that is occurring

In Get-TargetResource the following code is used:

$cert = Get-Childitem -Path Cert:\LocalMachine\My |
    Where-Object -FilterScript {
        $_.Subject -eq "CN=$Subject" -and `
        (Compare-CertificateIssuer -Issuer $_.Issuer -CARootName $CARootName)
    }

If the subject contains the full X500 path, in Get-TargetResource this will result in it trying to find a Certificate with Subject "CN=CN=SomeSubject,O=Or,C=Other,S=etc".

Verbose logs showing the problem

Suggested solution to the issue

Use the same fix as in Test- and Set-TargetResource:

# If the Subject does not contain a full X500 path, construct just the CN
if (($Subject.split('=').count) -eq 1)
{
    $Subject = "CN=$Subject"
}

The DSC configuration that is used to reproduce the issue (as detailed as possible)

The operating system the target node is running

Version and build of PowerShell the target node is running

5.1

Version of the DSC module that was used ('dev' if using current dev branch)

dev

Registering this bug for tracking, this bug was discovered during work on PR #209 .