Merge 0d23e12 into 9fcf193

Author: rcpokorny

.github/workflows/keyfactor-starter-workflow.yml

@@ -11,7 +11,7 @@ on:
 
 jobs:
   call-starter-workflow:
-    uses: keyfactor/actions/.github/workflows/starter.yml@3.1.2
+    uses: keyfactor/actions/.github/workflows/starter.yml@v3
     secrets:
       token: ${{ secrets.V2BUILDTOKEN}}
       APPROVE_README_PUSH: ${{ secrets.APPROVE_README_PUSH}}

CHANGELOG.md

@@ -1,11 +1,14 @@
+2.5.2
+* Fixed a PowerShell compatibility issue when using LocalMachine.  LocalMachine will always run PowerShell 5.1.
+  
 2.5.1
 * Fixed WinSQL service name when InstanceID differs from InstanceName
 
 2.5.0
 * Added the Bindings to the end of the thumbprint to make the alias unique.
 * Using new IISWebBindings commandlet to use additional SSL flags when binding certificate to website.
 * Added multi-platform support for .Net6 and .Net8.
-* Updated various PowerShell scripts to handle both .Net6 and .Net8 differences (specifically the absense of the WebAdministration module in PS SDK 7.4.x+)
+* Updated various PowerShell scripts to handle both .Net6 and .Net8 differences (specifically the absence of the WebAdministration module in PS SDK 7.4.x+)
 * Fixed issue to update multiple websites when using the same cert.
 * Removed renewal thumbprint logic to update multiple website; each job now updates its own specific certificate.
 

IISU/ClientPSIIManager.cs

@@ -567,78 +567,7 @@ private object PerformIISUnBinding(string webSiteName, string protocol, string i
         /// <returns></returns>
         private object PerformIISBinding(string webSiteName, string protocol, string ipAddress, string port, string hostName, string sslFlags, string thumbprint, string storeName)
         {
-            //string funcScript = @"
-            //    param (
-            //        $SiteName,        # The name of the IIS site
-            //        $IPAddress,       # The IP Address for the binding
-            //        $Port,            # The port number for the binding
-            //        $Hostname,        # Hostname for the binding (if any)
-            //        $Protocol,        # Protocol (e.g., HTTP, HTTPS)
-            //        $Thumbprint,      # Certificate thumbprint for HTTPS bindings
-            //        $StoreName,       # Certificate store location (e.g., ""My"" for personal certs)
-            //        $SslFlags         # SSL flags (if any)
-            //    )
-
-            //    # Set Execution Policy (optional, depending on your environment)
-            //    Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope Process -Force
-
-            //    ##  Check if the IISAdministration module is available
-            //    #$module = Get-Module -Name IISAdministration -ListAvailable
-
-            //    #if (-not $module) {
-            //    # throw ""The IISAdministration module is not installed on this system.""
-            //    #}
-
-            //    # Check if the IISAdministration module is already loaded
-            //    if (-not (Get-Module -Name IISAdministration)) {
-            //        try {
-            //            # Attempt to import the IISAdministration module
-            //            Import-Module IISAdministration -ErrorAction Stop
-            //        }
-            //        catch {
-            //            throw ""Failed to load the IISAdministration module. Ensure it is installed and available.""
-            //        }
-            //    }
-
-            //    # Retrieve the existing binding information
-            //    $myBinding = ""${IPAddress}:${Port}:${Hostname}""
-            //    Write-Host ""myBinding: "" $myBinding
-
-            //    $siteBindings = Get-IISSiteBinding -Name $SiteName
-            //    $existingBinding = $siteBindings | Where-Object { $_.bindingInformation -eq $myBinding -and $_.protocol -eq $Protocol }
-
-            //    Write-Host ""Binding:"" $existingBinding
-
-            //    if ($null -ne $existingBinding) {
-            //        # Remove the existing binding
-            //        Remove-IISSiteBinding -Name $SiteName -BindingInformation $existingBinding.BindingInformation -Protocol $existingBinding.Protocol -Confirm:$false
-
-            //        Write-Host ""Removed existing binding: $($existingBinding.BindingInformation)""
-            //    }
-
-            //    # Create the new binding with modified properties
-            //    $newBindingInfo = ""${IPAddress}:${Port}:${Hostname}""
-
-            //    try
-            //    {
-            //        New-IISSiteBinding -Name $SiteName `
-            //            -BindingInformation $newBindingInfo `
-            //            -Protocol $Protocol `
-            //            -CertificateThumbprint $Thumbprint `
-            //            -CertStoreLocation $StoreName `
-            //            -SslFlag $SslFlags
-
-            //        Write-Host ""New binding added: $newBindingInfo""
-            //    }
-            //    catch {
-            //        throw $_
-            //    }
-            //";
-#if NET6_0
-            string funcScript = PowerShellScripts.UpdateIISBindingsV6;
-#elif NET8_0_OR_GREATER
-            string funcScript = PowerShellScripts.UpdateIISBindingsV8;
-#endif
+            string funcScript = PowerShellScripts.UpdateIISBindings;
 
             ps.AddScript(funcScript);
             ps.AddParameter("SiteName", webSiteName);

IISU/PSHelper.cs

@@ -50,22 +50,10 @@ public static Runspace GetClientPsRunspace(string winRmProtocol, string clientMa
 
             if (isLocal)
             {
-#if NET6_0
+                _logger.LogTrace("Establishing a local RunSpace.");
                 PowerShellProcessInstance instance = new PowerShellProcessInstance(new Version(5, 1), null, null, false);
                 Runspace rs = RunspaceFactory.CreateOutOfProcessRunspace(new TypeTable(Array.Empty<string>()), instance);
                 return rs;
-#elif NET8_0_OR_GREATER
-                try 
-	            {	        
-                    InitialSessionState iss = InitialSessionState.CreateDefault();
-                    Runspace rs = RunspaceFactory.CreateRunspace(iss);
-                    return rs;
-	            }
-	            catch (global::System.Exception)
-	            {
-                    throw new Exception($"An error occurred while attempting to create the PowerShell instance.  This version requires .Net8 and PowerShell SDK 7.2 or greater.  Please verify the version of .Net8 and PowerShell installed on your machine.");
-	            }
-#endif
             }
             else
             {

IISU/Scripts/PowerShellScripts.cs

@@ -8,68 +8,7 @@ namespace Keyfactor.Extensions.Orchestrator.WindowsCertStore.Scripts
 {
     public class PowerShellScripts
     {
-        public const string UpdateIISBindingsV6 = @"
-                param (
-                    $SiteName,        # The name of the IIS site
-                    $IPAddress,       # The IP Address for the binding
-                    $Port,            # The port number for the binding
-                    $Hostname,        # Hostname for the binding (if any)
-                    $Protocol,        # Protocol (e.g., HTTP, HTTPS)
-                    $Thumbprint,      # Certificate thumbprint for HTTPS bindings
-                    $StoreName,       # Certificate store location (e.g., ""My"" for personal certs)
-                    $SslFlags         # SSL flags (if any)
-                )
-
-                # Set Execution Policy (optional, depending on your environment)
-                Set-ExecutionPolicy -ExecutionPolicy Bypass -Scope Process -Force
-
-                # Check if the WebAdministration module is available
-                $module = Get-Module -Name WebAdministration -ListAvailable
-
-                if (-not $module) {
-                    throw ""The WebAdministration module is not installed on this system.""
-                }
-
-                # Check if the WebAdministration module is already loaded
-                if (-not (Get-Module -Name WebAdministration)) {
-                    try {
-                        # Attempt to import the WebAdministration module
-                        Import-Module WebAdministration -ErrorAction Stop
-                    }
-                    catch {
-                        throw ""Failed to load the WebAdministration module. Ensure it is installed and available.""
-                    }
-                }
-
-                # Retrieve the existing binding information
-                $myBinding = ""${IPAddress}:${Port}:${Hostname}""
-                Write-Host ""myBinding: "" $myBinding
-
-                $siteBindings = Get-IISSiteBinding -Name $SiteName
-                $existingBinding = $siteBindings | Where-Object { $_.bindingInformation -eq $myBinding -and $_.protocol -eq $Protocol }
-    
-                Write-Host ""Binding:"" $existingBinding
-
-                if ($null -ne $existingBinding) {
-                    # Remove the existing binding
-                    Remove-IISSiteBinding -Name $SiteName -BindingInformation $existingBinding.BindingInformation -Protocol $existingBinding.Protocol -Confirm:$false
-        
-                    Write-Host ""Removed existing binding: $($existingBinding.BindingInformation)""
-                }
-        
-                # Create the new binding with modified properties
-                $newBindingInfo = ""${IPAddress}:${Port}:${Hostname}""
-        
-                New-IISSiteBinding -Name $SiteName `
-                    -BindingInformation $newBindingInfo `
-                    -Protocol $Protocol `
-                    -CertificateThumbprint $Thumbprint `
-                    -CertStoreLocation $StoreName `
-                    -SslFlag $SslFlags
-
-                Write-Host ""New binding added: $newBindingInfo""";
-
-        public const string UpdateIISBindingsV8 = @"
+        public const string UpdateIISBindings = @"
                 param (
                     $SiteName,        # The name of the IIS site
                     $IPAddress,       # The IP Address for the binding