SPTrustedRootAuthority - Error while adding Trusted Root Authority via CertificateThumbprint

[julmsy]

Problem description

Hello SharePointDsc community,

There is an error when you would like to add a Trusted Root Trusted Root Authority with CertificateThumbprint parameter.
The resource don't find the certificate even if it's present on the local machine.

SPTrustedRootAuthority "My super power trusted root authority to add"
{
        Name = $ConfigurationData.NonNodeData.TrustedRootAuthority.TrustA.Name
        CertificateThumbprint = $ConfigurationData.NonNodeData.Certificates.TrustA.Thumbprint
        Ensure = "Present"
        PsDscRunAsCredential = $psdscsetup
}

Issue is caused by lines 185 and 267:
$cert = Get-ChildItem -Path "Cert:\LocalMachine\*$($params.CertificateThumbprint)"

Running PS command like following is not working:
Get-ChildItem -Path "Cert:\LocalMachine\*CERT76DFGHJZTH445678VDFGF5434356CVDFGFH4"

The correct one is the following:
Get-ChildItem -Path "Cert:\LocalMachine\*\CERT76DFGHJZTH445678VDFGF5434356CVDFGFH4"
It's just missing a \ after the wildcard.

Did the correction on my side and was working well.

Let me know if you need more information.

Best,
julmsy

Verbose logs

VERBOSE: [MACHINE]:                            [[SPTrustedRootAuthority]TrustedRootAuthority_TrustA] Importing certificate from CertificateThumbprint
VERBOSE: [MACHINE]: LCM:  [ End    Set      ]  [[SPTrustedRootAuthority]TrustedRootAuthority_TrustA]  in 0.5580 seconds.
PowerShell DSC resource MSFT_SPTrustedRootAuthority  failed to execute Set-TargetResource functionality with error 
message: Certificate not found in the local Certificate Store 
    + CategoryInfo          : InvalidOperation: (:) [], CimException
    + FullyQualifiedErrorId : ProviderOperationExecutionFailure
    + PSComputerName        : machine.contoso.com
PowerShell DSC resource MSFT_SPTrustedRootAuthority  failed to execute Set-TargetResource functionality with error
message: Certificate not found in the local Certificate Store
    + CategoryInfo          : InvalidOperation: (:) [], CimException
    + FullyQualifiedErrorId : ProviderOperationExecutionFailure
    + PSComputerName        : machine.contoso.com

DSC configuration

SPTrustedRootAuthority "My super power trusted root authority to add"
{
        Name = $ConfigurationData.NonNodeData.TrustedRootAuthority.TrustA.Name
        CertificateThumbprint = $ConfigurationData.NonNodeData.Certificates.TrustA.Thumbprint
        Ensure = "Present"
        PsDscRunAsCredential = $psdscsetup
}

Suggested solution

Add a '' after the wildcard to fix the cert: path.

SharePoint version and build

SharePoint 2016

Operating system the target node is running

OsName               : Microsoft Windows Server 2019 Datacenter
OsOperatingSystemSKU : DatacenterServerEdition
OsArchitecture       : 64-bit
WindowsVersion       : 1809
WindowsBuildLabEx    : 17763.1.amd64fre.rs5_release.180914-1434
OsLanguage           : en-US
OsMuiLanguages       : {en-US}

PowerShell version and build the target node is running

Name                           Value
----                           -----
PSVersion                      5.1.17763.2931
PSEdition                      Desktop
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
BuildVersion                   10.0.17763.2931
CLRVersion                     4.0.30319.42000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1

SharePointDsc version

Name          Version Path
----          ------- ----
SharePointDsc 5.3.0   C:\Program Files\WindowsPowerShell\Modules\SharePointDsc\5.3.0\SharePointDsc.psd1