diff --git a/Invoke-Locksmith.ps1 b/Invoke-Locksmith.ps1 index f293862..5c51079 100644 --- a/Invoke-Locksmith.ps1 +++ b/Invoke-Locksmith.ps1 @@ -1975,17 +1975,33 @@ function Set-AdditionalCAProperty { begin { $CAEnrollmentEndpoint = @() - $code = @" -using System.Net; -using System.Security.Cryptography.X509Certificates; -public class TrustAllCertsPolicy : ICertificatePolicy { - public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) { - return true; - } -} + if ($PSVersionTable.PSEdition -eq 'Desktop') { + $code = @" + using System.Net; + using System.Security.Cryptography.X509Certificates; + public class TrustAllCertsPolicy : ICertificatePolicy { + public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) { + return true; + } + } "@ - Add-Type -TypeDefinition $code -Language CSharp - [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy + Add-Type -TypeDefinition $code -Language CSharp + [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy + } + else { + Add-Type @" + using System.Net; + using System.Security.Cryptography.X509Certificates; + using System.Net.Security; + public class TrustAllCertsPolicy { + public static bool TrustAllCerts(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { + return true; + } + } +"@ + # Set the ServerCertificateValidationCallback + [System.Net.ServicePointManager]::ServerCertificateValidationCallback = [TrustAllCertsPolicy]::TrustAllCerts + } } process { @@ -2011,7 +2027,7 @@ public class TrustAllCertsPolicy : ICertificatePolicy { try { $FullURL = "https$URL" $Request = [System.Net.WebRequest]::Create($FullURL) - + $Request.GetResponse() | Out-Null $CAEnrollmentEndpoint += @{ 'URL' = $FullURL @@ -2048,7 +2064,7 @@ public class TrustAllCertsPolicy : ICertificatePolicy { $CAHostFQDN = (Get-ADObject -Filter { (Name -eq $CAHostName) -and (objectclass -eq 'computer') } -Properties DnsHostname -Server $ForestGC).DnsHostname } $ping = Test-Connection -ComputerName $CAHostFQDN -Quiet -Count 1 - if ($ping) { + if ($ping) { try { if ($Credential) { $CertutilAudit = Invoke-Command -ComputerName $CAHostname -Credential $Credential -ScriptBlock { param($CAFullName); certutil -config $CAFullName -getreg CA\AuditFilter } -ArgumentList $CAFullName diff --git a/Private/Set-AdditionalCAProperty.ps1 b/Private/Set-AdditionalCAProperty.ps1 index a397a47..461ba51 100644 --- a/Private/Set-AdditionalCAProperty.ps1 +++ b/Private/Set-AdditionalCAProperty.ps1 @@ -37,17 +37,32 @@ begin { $CAEnrollmentEndpoint = @() - $code= @" -using System.Net; -using System.Security.Cryptography.X509Certificates; -public class TrustAllCertsPolicy : ICertificatePolicy { - public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) { - return true; - } -} + if ($PSVersionTable.PSEdition -eq 'Desktop') { + $code= @" + using System.Net; + using System.Security.Cryptography.X509Certificates; + public class TrustAllCertsPolicy : ICertificatePolicy { + public bool CheckValidationResult(ServicePoint srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem) { + return true; + } + } "@ - Add-Type -TypeDefinition $code -Language CSharp - [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy + Add-Type -TypeDefinition $code -Language CSharp + [System.Net.ServicePointManager]::CertificatePolicy = New-Object TrustAllCertsPolicy + } else { + Add-Type @" + using System.Net; + using System.Security.Cryptography.X509Certificates; + using System.Net.Security; + public class TrustAllCertsPolicy { + public static bool TrustAllCerts(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) { + return true; + } + } +"@ + # Set the ServerCertificateValidationCallback + [System.Net.ServicePointManager]::ServerCertificateValidationCallback = [TrustAllCertsPolicy]::TrustAllCerts + } } process { @@ -72,7 +87,7 @@ public class TrustAllCertsPolicy : ICertificatePolicy { try { $FullURL = "https$URL" $Request = [System.Net.WebRequest]::Create($FullURL) - + $Request.GetResponse() | Out-Null $CAEnrollmentEndpoint += @{ 'URL' = $FullURL @@ -106,7 +121,7 @@ public class TrustAllCertsPolicy : ICertificatePolicy { $CAHostFQDN = (Get-ADObject -Filter { (Name -eq $CAHostName) -and (objectclass -eq 'computer') } -Properties DnsHostname -Server $ForestGC).DnsHostname } $ping = Test-Connection -ComputerName $CAHostFQDN -Quiet -Count 1 - if ($ping) { + if ($ping) { try { if ($Credential) { $CertutilAudit = Invoke-Command -ComputerName $CAHostname -Credential $Credential -ScriptBlock { param($CAFullName); certutil -config $CAFullName -getreg CA\AuditFilter } -ArgumentList $CAFullName diff --git a/Private/Show-LocksmithLogo.ps1 b/Private/Show-LocksmithLogo.ps1 new file mode 100644 index 0000000..ae93dbc --- /dev/null +++ b/Private/Show-LocksmithLogo.ps1 @@ -0,0 +1,37 @@ +function Show-LocksmithLogo { + Write-Host '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%' + Write-Host '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%' + Write-Host '%%%%%%%%%%%%%%%%%#+==============#%%%%%%%%%%%%%%%%%' + Write-Host '%%%%%%%%%%%%%%#=====================#%%%%%%%%%%%%%%' + Write-Host '%%%%%%%%%%%%#=========================#%%%%%%%%%%%%' + Write-Host '%%%%%%%%%%%=============================%%%%%%%%%%%' + Write-Host '%%%%%%%%%#==============+++==============#%%%%%%%%%' + Write-Host '%%%%%%%%#===========#%%%%%%%%%#===========#%%%%%%%%' + Write-Host '%%%%%%%%==========%%%%%%%%%%%%%%%==========%%%%%%%%' + Write-Host '%%%%%%%*=========%%%%%%%%%%%%%%%%%=========*%%%%%%%' + Write-Host '%%%%%%%+========*%%%%%%%%%%%%%%%%%#=========%%%%%%%' + Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%' + Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%' + Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%' + Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%' + Write-Host '%%%%%%%+========#%%%%%%%%%%%%%%%%%#=========%%%%%%%' + Write-Host '%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%' + Write-Host '#=================================================#' + Write-Host '#=================================================#' + Write-Host '#=================+%%%============================#' + Write-Host '#==================%%%%*==========================#' + Write-Host '#===================*%%%%+========================#' + Write-Host '#=====================#%%%%=======================#' + Write-Host '#======================+%%%%#=====================#' + Write-Host '#========================*%%%%*===================#' + Write-Host '#========================+%%%%%===================#' + Write-Host '#======================#%%%%%+====================#' + Write-Host '#===================+%%%%%%=======================#' + Write-Host '#=================#%%%%%+=========================#' + Write-Host '#==============+%%%%%#============================#' + Write-Host '#============*%%%%%+====+%%%%%%%%%%===============#' + Write-Host '#=============%%*========+********+===============#' + Write-Host '#=================================================#' + Write-Host '#=================================================#' + Write-Host '#=================================================#' +}