From 2d1e6597bbe932bdc35ad9629a3167ad5f331118 Mon Sep 17 00:00:00 2001
From: stack72 <public@paulstack.co.uk>
Date: Mon, 14 Apr 2014 11:05:14 +0100
Subject: [PATCH] Updating the powershell and the specs to use certificate
 thumbprint rather than certificate name

---
 manifests/manage_binding.pp         |  8 ++++----
 spec/defines/manage_binding_spec.rb | 12 ++++++------
 2 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/manifests/manage_binding.pp b/manifests/manage_binding.pp
index 9951520..24a1334 100644
--- a/manifests/manage_binding.pp
+++ b/manifests/manage_binding.pp
@@ -1,4 +1,4 @@
-define iis::manage_binding($site_name, $protocol, $port, $host_header = '', $ip_address = '*', $certificate_name = '', $ensure = 'present') {
+define iis::manage_binding($site_name, $protocol, $port, $host_header = '', $ip_address = '*', $certificate_thumbprint = '', $ensure = 'present') {
   include 'iis::param::powershell'
 
   if ! ($protocol in [ 'http', 'https', 'net.tcp', 'net.pipe', 'netmsmq', 'msmq.formatname' ]) {
@@ -23,15 +23,15 @@
     }
 
     if ($protocol == 'https') {
-      validate_re($certificate_name, ['^(.)+$'], 'certificate_name required for https bindings')
+      validate_re($certificate_thumbprint, ['^(.)+$'], 'certificate_thumbprint required for https bindings')
       if ($ip_address == '*' or $ip_address == '0.0.0.0') {
         fail('https bindings require a valid ip_address')
       }
 
       exec { "Attach-Certificate-${title}":
         path      => "${iis::param::powershell::path};${::path}",
-        command   => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; New-Item \\\"IIS:\\SslBindings\\${ip_address}!${port}\\\" -Value (Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.FriendlyName.Equals(\\\"${certificate_name}\\\")} | Select-Object -First 1)\"",
-        onlyif    => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; if((Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.FriendlyName.Equals(\\\"${certificate_name}\\\")} | Select-Object -First 1) -and ((Test-Path \\\"IIS:\\SslBindings\\${ip_address}!${port}\\\") -eq \$false)) { exit 0 } else { exit 1 }\"",
+        command   => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; New-Item \\\"IIS:\\SslBindings\\${ip_address}!${port}\\\" -Value (Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.Thumbprint.Equals(\\\"${certificate_thumbprint}\\\")} | Select-Object -First 1)\"",
+        onlyif    => "${iis::param::powershell::command} -Command \"Import-Module WebAdministration; if((Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.Thumbprint.Equals(\\\"${certificate_thumbprint}\\\")} | Select-Object -First 1) -and ((Test-Path \\\"IIS:\\SslBindings\\${ip_address}!${port}\\\") -eq \$false)) { exit 0 } else { exit 1 }\"",
         require   => Exec["CreateBinding-${title}"],
         logoutput => true,
       }
diff --git a/spec/defines/manage_binding_spec.rb b/spec/defines/manage_binding_spec.rb
index c06d5ea..5682e8c 100644
--- a/spec/defines/manage_binding_spec.rb
+++ b/spec/defines/manage_binding_spec.rb
@@ -82,14 +82,14 @@
         :ip_address => '127.0.0.1',
     } }
 
-    it { expect { should contain_exec('Attach-Certificate-myWebSite-port-443')}.to raise_error(Puppet::Error, /certificate_name required for https bindings/) }
+    it { expect { should contain_exec('Attach-Certificate-myWebSite-port-443')}.to raise_error(Puppet::Error, /certificate_thumbprint required for https bindings/) }
   end
 
   describe 'when protocol is https and ip address *' do
     let(:title) { 'myWebSite-port-443' }
     let(:params) { {
         :site_name        => 'myWebSite',
-        :certificate_name => 'myCertificate',
+        :certificate_thumbprint => 'myCertificate',
         :protocol         => 'https',
         :port             => '443',
         :ip_address       => '*',
@@ -102,7 +102,7 @@
     let(:title) { 'myWebSite-port-443' }
     let(:params) { {
         :site_name        => 'myWebSite',
-        :certificate_name => 'myCertificate',
+        :certificate_thumbprint => 'myCertificate',
         :protocol         => 'https',
         :port             => '443',
         :ip_address       => '0.0.0.0',
@@ -115,15 +115,15 @@
     let(:title) { 'myWebSite-port-443' }
     let(:params) { {
         :site_name        => 'myWebSite',
-        :certificate_name => 'myCertificate',
+        :certificate_thumbprint => 'myCertificate',
         :protocol         => 'https',
         :port             => '443',
         :ip_address       => '127.0.0.1',
     } }
 
     it { should contain_exec('Attach-Certificate-myWebSite-port-443').with({
-      'command' => "#{powershell} -Command \"Import-Module WebAdministration; New-Item \\\"IIS:\\SslBindings\\127.0.0.1!443\\\" -Value (Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.FriendlyName.Equals(\\\"myCertificate\\\")} | Select-Object -First 1)\"",
-      'onlyif'  => "#{powershell} -Command \"Import-Module WebAdministration; if((Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.FriendlyName.Equals(\\\"myCertificate\\\")} | Select-Object -First 1) -and ((Test-Path \\\"IIS:\\SslBindings\\127.0.0.1!443\\\") -eq \$false)) { exit 0 } else { exit 1 }\"",
+      'command' => "#{powershell} -Command \"Import-Module WebAdministration; New-Item \\\"IIS:\\SslBindings\\127.0.0.1!443\\\" -Value (Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.Thumbprint.Equals(\\\"myCertificate\\\")} | Select-Object -First 1)\"",
+      'onlyif'  => "#{powershell} -Command \"Import-Module WebAdministration; if((Get-ChildItem cert:\\ -Recurse | Where-Object {\$_.Thumbprint.Equals(\\\"myCertificate\\\")} | Select-Object -First 1) -and ((Test-Path \\\"IIS:\\SslBindings\\127.0.0.1!443\\\") -eq \$false)) { exit 0 } else { exit 1 }\"",
     })}
   end