Generate certificate thumbprint within config

Hi there!

Does anyone had an idea how to do this:

I’m trying to build an on-premises HTTPS DSC Pull Server on a server which is managed by Azure DSC.
Step-1: Within my config I’m able to generate an SSL certificate from the on-premises CA. But now I want to use this particular certificate for the SSL-binding of the Pull server.

Step-2: Within the xDscWebService resource you have to supply an CertificateThumbPrint.
How can I use retrieve and use the thumbprint of the certificate from Step-1 in the same config? Just $thumbprint = (Get-ChildItem CERT:..etc) doesn’t do the trick…

Anyone?

Kind regards,
Sven

It would take either a custom resource or a script resource that gets the cert thumbprint and does the steps that xDscWebService would handle.

You could pass in thumbprint as a parameter with a param block.

Then on the line where you compile the mof,
Configname -path .\ -thumbprint (get-childitem Cert:.…etc)

Oh wait, you say you’re generating the certificate within the config?? Using a parameter probably isn’t the answer in that case.

Hi Sven, I have done this in my test environment using the below method.

$cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2
$cert.Import('c:\publicKeys\nameofcertfile.cer') 

You can then use $cert.thumbprint to get the thumbprint.
I used this article to help me: Powershell: Pulling thumbprint from Certificate (.cer)?

First post, hope the formatting works correctly.

Thanks, Tim.

Thank you all for your replies up till now!
I’m going to check things out later this week and will keep you up to date!

Any update on this?