@@ -231,17 +231,17 @@ public string GetSqlCertRegistryLocation(string instanceName,PowerShell ps)
231231 return $ "HKLM:\\ SOFTWARE\\ Microsoft\\ Microsoft SQL Server\\ { GetSqlInstanceValue ( instanceName , ps ) } \\ MSSQLServer\\ SuperSocketNetLib\\ ";
232232 }
233233
234- public string GetSqlServerServiceName ( string instanceValue )
234+ public string GetSqlServerServiceName ( string instanceName )
235235 {
236- if ( string . IsNullOrEmpty ( instanceValue ) )
236+ if ( string . IsNullOrEmpty ( instanceName ) )
237237 return string . Empty ;
238238
239239 //Default SQL Instance has this format
240- if ( instanceValue . Split ( '.' ) [ 1 ] == "MSSQLSERVER" )
240+ if ( instanceName == "MSSQLSERVER" )
241241 return "MSSQLSERVER" ;
242242
243243 //Named Instance service has this format
244- return $ "MSSQL`${ instanceValue . Split ( '.' ) [ 1 ] } ";
244+ return $ "MSSQL`${ instanceName } ";
245245 }
246246
247247 public JobResult BindCertificates ( string renewalThumbprint , X509Certificate2 x509Cert )
@@ -344,26 +344,30 @@ public string BindCertificate(X509Certificate2 x509Cert,PowerShell ps)
344344 _logger . LogTrace ( cmd . CommandText ) ;
345345 }
346346
347- _logger . LogTrace ( $ "funcScript { funcScript } ") ;
348347 ps . AddScript ( funcScript ) ;
349- _logger . LogTrace ( "funcScript added... ") ;
348+ _logger . LogTrace ( $ "Running script: { funcScript } ") ;
350349 ps . Invoke ( ) ;
351350 _logger . LogTrace ( "funcScript Invoked..." ) ;
352351
353352 _logger . LogTrace ( "Setting up Acl Access for Manage Private Keys" ) ;
354353 ps . Commands . Clear ( ) ;
355354
356355 //Get the SqlServer Service User Name
357- var serviceName = GetSqlServerServiceName ( GetSqlInstanceValue ( instanceName , ps ) ) ;
358- funcScript = @$ "(Get-WmiObject Win32_Service -Filter ""Name='{ serviceName } '"").StartName";
359- ps . AddScript ( funcScript ) ;
360- _logger . LogTrace ( "funcScript added..." ) ;
361- SqlServiceUser = ps . Invoke ( ) [ 0 ] . ToString ( ) ;
362- _logger . LogTrace ( "funcScript Invoked..." ) ;
363- _logger . LogTrace ( "Got service login user for ACL Permissions" ) ;
364- ps . Commands . Clear ( ) ;
356+ var serviceName = GetSqlServerServiceName ( instanceName ) ;
357+ if ( serviceName != "" )
358+ {
359+ _logger . LogTrace ( $ "Service Name: { serviceName } was returned.") ;
360+
361+ funcScript = @$ "(Get-WmiObject Win32_Service -Filter ""Name='{ serviceName } '"").StartName";
362+ ps . AddScript ( funcScript ) ;
363+ _logger . LogTrace ( $ "Running script: { funcScript } ") ;
364+ SqlServiceUser = ps . Invoke ( ) [ 0 ] . ToString ( ) ;
365+
366+ _logger . LogTrace ( $ "SqlServiceUser: { SqlServiceUser } ") ;
367+ _logger . LogTrace ( "Got service login user for ACL Permissions" ) ;
368+ ps . Commands . Clear ( ) ;
365369
366- funcScript = $@ "$thumbprint = '{ thumbPrint } '
370+ funcScript = $@ "$thumbprint = '{ thumbPrint } '
367371 $Cert = Get-ChildItem Cert:\LocalMachine\My | Where-Object {{ $_.Thumbprint -eq $thumbprint }}
368372 $privKey = $Cert.PrivateKey.CspKeyContainerInfo.UniqueKeyContainerName
369373 $keyPath = ""$($env:ProgramData)\Microsoft\Crypto\RSA\MachineKeys\""
@@ -373,9 +377,15 @@ public string BindCertificate(X509Certificate2 x509Cert,PowerShell ps)
373377 $Acl.SetAccessRule($Ar)
374378 Set-Acl $privKeyPath.FullName $Acl" ;
375379
376- ps . AddScript ( funcScript ) ;
377- ps . Invoke ( ) ;
378- _logger . LogTrace ( "ACL FuncScript Invoked..." ) ;
380+ ps . AddScript ( funcScript ) ;
381+ ps . Invoke ( ) ;
382+ _logger . LogTrace ( "ACL FuncScript Invoked..." ) ;
383+
384+ }
385+ else
386+ {
387+ _logger . LogTrace ( "No Service User has been returned. Skipping ACL update." ) ;
388+ }
379389
380390 //If user filled in a service name in the store then restart the SQL Server Services
381391 if ( RestartService )
0 commit comments