Merge pull request #374 from Venafi/371-new-vdccertificate--timeoutsec

gdbarron · web-flow · commit 4009e1bf20b8 · 2026-01-26T17:34:03.000-05:00
reviewed offline
diff --git a/VenafiPS/Public/New-VdcCertificate.ps1 b/VenafiPS/Public/New-VdcCertificate.ps1
@@ -4,10 +4,7 @@ function New-VdcCertificate {
     Enrolls or provisions a new certificate
 
     .DESCRIPTION
-    Enrolls or provisions a new certificate.
-    Prior to TLSPDC 22.1, this function is asynchronous and will always return success.
-    Beginning with 22.1, you can control this behavior.
-    See https://docs.venafi.com/Docs/currentSDK/TopNav/Content/SDK/WebSDK/r-SDK-Certificates-API-settings.php.
+    Enrolls or provisions a new certificate
 
     .PARAMETER Path
     The folder DN path for the new certificate.
@@ -68,8 +65,11 @@ function New-VdcCertificate {
     See the example.
 
     .PARAMETER TimeoutSec
-    Introduced in 22.1, this controls the wait time, in seconds, for a CA to issue/renew a certificate.
-    The default is 60 seconds.
+    Control the wait time, in seconds, for a CA to issue/renew a certificate.
+    Can be set globally in the product, https://docs.venafi.com/Docs/currentSDK/TopNav/Content/SDK/WebSDK/r-SDK-Certificates-API-settings.php.
+    Use this as an override to the global setting.
+    The product default of 0 will cause this function to return immediately, before the certificate has been created.
+    This property is useful if you are wanting to immediately access the certificate when New-VdcCertificate is finished, eg. to pipe to Export-VdcCertificate.
 
     .PARAMETER PassThru
     Return an object representing the newly created certificate.
@@ -83,7 +83,7 @@ function New-VdcCertificate {
     None
 
     .OUTPUTS
-    TppObject, if PassThru is provided
+    PSCustomObject, if PassThru is provided
     If devices and/or applications were created, a 'Device' property will be available as well.
 
     .EXAMPLE
@@ -114,6 +114,11 @@ function New-VdcCertificate {
     New-VdcCertificate -Path '\ved\policy\folder' -Name 'mycert.com' -Device @{'PolicyDN'=$DevicePath; 'ObjectName'='MyDevice'; 'Host'='1.2.3.4'} -Application @{'DeviceName'='MyDevice'; 'ObjectName'='BasicApp'; 'DriverName'='appbasic'}
     Create a new certificate with associated device and app objects
 
+    .EXAMPLE
+    New-VdcCertificate -Path '\ved\policy\certs' -Name 'www.barron.com' -CertificateAuthorityPath '\ved\policy\CA Templates\my template' -TimeoutSec 30 -PassThru | Export-VdcCertificate -PKCS12 -PrivateKeyPassword 'mySecretPassword!'
+
+    Wait up to 30 seconds for the CA to create the certificate and then export it
+
     .LINK
     https://venafi.github.io/VenafiPS/functions/New-VdcCertificate/
 
@@ -197,7 +202,8 @@ function New-VdcCertificate {
 
         [Parameter()]
         [Alias('WorkToDoTimeout')]
-        [int32] $TimeoutSec = 60,
+        [ValidateRange(0, 120)]
+        [int32] $TimeoutSec,
 
         [Parameter()]
         [switch] $PassThru,
@@ -311,7 +317,9 @@ function New-VdcCertificate {
             $params.Body.Add('ManagementType', [enum]::GetName([TppManagementType], $ManagementType))
         }
 
-        $params.Body.Add('WorkToDoTimeout', $TimeoutSec)
+        if ( $PSBoundParameters.ContainsKey('TimeoutSec') ) {
+            $params.Body.Add('WorkToDoTimeout', $TimeoutSec)
+        }
 
         if ( $PSBoundParameters.ContainsKey('SubjectAltName') ) {
             $newSan = @($SubjectAltName | ForEach-Object {
@@ -378,9 +386,9 @@ function New-VdcCertificate {
 
                 if ( $PassThru ) {
                     $newCert = Get-VdcObject -Path $response.CertificateDN
-                    if ( $Device ) {
+                    if ( $response.Devices.DN ) {
                         $newCert | Add-Member @{ 'Device' = @{'Path' = $response.Devices.DN } }
-                        if ( $Application ) {
+                        if ( $response.Devices.Applications.DN ) {
                             $newCert.Device.Application = $response.Devices.Applications.DN
                         }
                     }
diff --git a/VenafiPS/VenafiPS.psm1 b/VenafiPS/VenafiPS.psm1
@@ -174,7 +174,9 @@ $vdcPathArgCompleterSb = {
 
     }
 }
-Register-ArgumentCompleter -CommandName $vdcCommands -ParameterName 'Path' -ScriptBlock $vdcPathArgCompleterSb
+'Path', 'CertificateAuthorityPath', 'CredentialPath', 'CertificatePath', 'ApplicationPath', 'EnginePath', 'CertificateLinkPath', 'NewPath' | ForEach-Object {
+    Register-ArgumentCompleter -CommandName $vdcCommands -ParameterName $_ -ScriptBlock $vdcPathArgCompleterSb
+}
 
 $vcLogArgCompleterSb = {
     param($commandName, $parameterName, $wordToComplete, $commandAst, $fakeBoundParameters)

Original file line number	Diff line number	Diff line change
`@@ -174,7 +174,9 @@ $vdcPathArgCompleterSb = {`
`174`	`174`
`175`	`175`	`}`
`176`	`176`	`}`
`177`		`-Register-ArgumentCompleter -CommandName $vdcCommands -ParameterName 'Path' -ScriptBlock $vdcPathArgCompleterSb`
	`177`	`+'Path', 'CertificateAuthorityPath', 'CredentialPath', 'CertificatePath', 'ApplicationPath', 'EnginePath', 'CertificateLinkPath', 'NewPath' \| ForEach-Object {`
	`178`	`+ Register-ArgumentCompleter -CommandName $vdcCommands -ParameterName $_ -ScriptBlock $vdcPathArgCompleterSb`
	`179`	`+}`
`178`	`180`
`179`	`181`	`$vcLogArgCompleterSb = {`
`180`	`182`	`param($commandName, $parameterName, $wordToComplete, $commandAst, $fakeBoundParameters)`