diff --git a/src/Item/Get-CredentialStoreItem.ps1 b/src/Item/Get-CredentialStoreItem.ps1 index f82f581..4494a34 100644 --- a/src/Item/Get-CredentialStoreItem.ps1 +++ b/src/Item/Get-CredentialStoreItem.ps1 @@ -89,7 +89,26 @@ function Get-CredentialStoreItem { if (($CSMembers.MemberType -eq "NoteProperty") -and ($CSMembers.Name -contains $CredentialName)) { try { if ($null -eq $CS.PfxCertificate) { - $Cert = Get-CSCertificate -Thumbprint $CS.Thumbprint + if ($CS.Type -eq 'Private') { + $Cert = Get-CSCertificate -Thumbprint $CS.Thumbprint + } + elseif ($CS.Type -eq 'Shard') { + if (Test-CSCertificate -Thumbprint $CS.Thumbprint -StoreName My -StoreLocation LocalMachine) { + $Cert = Get-CSCertificate -Thumbprint $CS.Thumbprint -StoreName My -StoreLocation LocalMachine + } + elseif (Test-CSCertificate -Thumbprint $CS.Thumbprint -StoreName Root -StoreLocation LocalMachine) { + $Cert = Get-CSCertificate -Thumbprint $CS.Thumbprint -StoreName Root -StoreLocation LocalMachine + } + else { + $ErrorParams = @{ + ErrorAction = 'Stop' + Exception = [System.Exception]::new( + ('Could not find any certificate with thumbprint {0}' -f $CS.Thumbprint) + ) + } + Write-Error @ErrorParams + } + } } else { $Cert = Get-PfxCertificate -FilePath $CS.PfxCertificate -ErrorAction Stop diff --git a/src/Item/New-CredentialStoreItem.ps1 b/src/Item/New-CredentialStoreItem.ps1 index 81a3524..14f6f4a 100644 --- a/src/Item/New-CredentialStoreItem.ps1 +++ b/src/Item/New-CredentialStoreItem.ps1 @@ -118,15 +118,25 @@ function New-CredentialStoreItem { if ($Credential.UserName) { try { if ($null -eq $CSContent.PfxCertificate) { - $Cert = Get-CSCertificate -Thumbprint $CSContent.Thumbprint - if ($null -eq $Cert) { - $ErrorParams = @{ - ErrorAction = 'Stop' - Exception = [System.Security.Cryptography.X509Certificates.FileNotFoundException]::new( - ('Could not find the linked certificate with thumbprint {0}' -f $CSContent.Thumbprint) - ) + if ($CSContent.Type -eq 'Private') { + $Cert = Get-CSCertificate -Thumbprint $CSContent.Thumbprint + } + elseif ($CSContent.Type -eq 'Shard') { + if (Test-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName My -StoreLocation LocalMachine) { + $Cert = Get-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName My -StoreLocation LocalMachine + } + elseif (Test-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName Root -StoreLocation LocalMachine) { + $Cert = Get-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName Root -StoreLocation LocalMachine + } + else { + $ErrorParams = @{ + ErrorAction = 'Stop' + Exception = [System.Exception]::new( + ('Could not find any certificate with thumbprint {0}' -f $CSContent.Thumbprint) + ) + } + Write-Error @ErrorParams } - Write-Error @ErrorParams } } else { diff --git a/src/Item/Set-CredentialStoreItem.ps1 b/src/Item/Set-CredentialStoreItem.ps1 index 313857e..0fa13d6 100644 --- a/src/Item/Set-CredentialStoreItem.ps1 +++ b/src/Item/Set-CredentialStoreItem.ps1 @@ -104,7 +104,26 @@ function Set-CredentialStoreItem { if ($Credential.UserName) { try { if ($null -eq $CSContent.PfxCertificate) { - $Cert = Get-CSCertificate -Thumbprint $CSContent.Thumbprint + if ($CSContent.Type -eq 'Private') { + $Cert = Get-CSCertificate -Thumbprint $CSContent.Thumbprint + } + elseif ($CSContent.Type -eq 'Shard') { + if (Test-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName My -StoreLocation LocalMachine) { + $Cert = Get-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName My -StoreLocation LocalMachine + } + elseif (Test-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName Root -StoreLocation LocalMachine) { + $Cert = Get-CSCertificate -Thumbprint $CSContent.Thumbprint -StoreName Root -StoreLocation LocalMachine + } + else { + $ErrorParams = @{ + ErrorAction = 'Stop' + Exception = [System.Exception]::new( + ('Could not find any certificate with thumbprint {0}' -f $CSContent.Thumbprint) + ) + } + Write-Error @ErrorParams + } + } } else { $Cert = Get-PfxCertificate -FilePath $CSContent.PfxCertificate -ErrorAction Stop diff --git a/src/Store/New-CredentialStore.ps1 b/src/Store/New-CredentialStore.ps1 index b172e28..7d42885 100644 --- a/src/Store/New-CredentialStore.ps1 +++ b/src/Store/New-CredentialStore.ps1 @@ -210,7 +210,12 @@ function New-CredentialStore { } else { Write-Verbose 'Importing new PFX certificate file...' - Import-CSCertificate -Path $PfxParams.CertName -StoreName My -StoreLocation CurrentUser + if ($PSCmdlet.ParameterSetName -eq 'Private') { + Import-CSCertificate -Path $PfxParams.CertName -StoreName My -StoreLocation CurrentUser -ErrorAction Stop + } + elseif ($PSCmdlet.ParameterSetName -eq 'Shared') { + Import-CSCertificate -Path $PfxParams.CertName -StoreName My -StoreLocation LocalMachine -ErrorAction Stop + } } }