diff options
author | Tim Smith <tsmith@chef.io> | 2020-12-09 07:44:16 -0800 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-12-09 07:44:16 -0800 |
commit | 2f7bf4bd73e2d13dd9e0337beed5905f6777c1db (patch) | |
tree | 6a867603eaeb5d1a49919727ad74e3b676ed0903 | |
parent | 2399214cfc4ca0078f7a54adce882a93d9a5d9b0 (diff) | |
parent | b7f0e91c25e487e00a4de90cb2739d548cd2fd4c (diff) | |
download | chef-2f7bf4bd73e2d13dd9e0337beed5905f6777c1db.tar.gz |
Merge pull request #10711 from MsysTechnologiesllc/dh/win-pfx-certificate-exportable
Signed-off-by: Tim Smith <tsmith@chef.io>
-rw-r--r-- | lib/chef/resource/windows_certificate.rb | 8 | ||||
-rw-r--r-- | spec/unit/resource/windows_certificate_spec.rb | 12 |
2 files changed, 19 insertions, 1 deletions
diff --git a/lib/chef/resource/windows_certificate.rb b/lib/chef/resource/windows_certificate.rb index 2c8c7c72ff..930c5ae6a4 100644 --- a/lib/chef/resource/windows_certificate.rb +++ b/lib/chef/resource/windows_certificate.rb @@ -87,6 +87,11 @@ class Chef description: "Ensure that sensitive resource data is not logged by the #{ChefUtils::Dist::Infra::CLIENT}.", default: lazy { pfx_password ? true : false }, skip_docs: true + property :exportable, [TrueClass, FalseClass], + description: "Ensure that imported pfx certificate is exportable. Please provide 'true' if you want the certificate to be exportable.", + default: false, + introduced: "16.8" + action :create do description "Creates or updates a certificate." @@ -162,8 +167,9 @@ class Chef end def add_pfx_cert + exportable = new_resource.exportable ? 1 : 0 store = ::Win32::Certstore.open(new_resource.store_name) - store.add_pfx(new_resource.source, new_resource.pfx_password) + store.add_pfx(new_resource.source, new_resource.pfx_password, exportable) end def delete_cert diff --git a/spec/unit/resource/windows_certificate_spec.rb b/spec/unit/resource/windows_certificate_spec.rb index 7c0df35571..71ef8a9498 100644 --- a/spec/unit/resource/windows_certificate_spec.rb +++ b/spec/unit/resource/windows_certificate_spec.rb @@ -80,4 +80,16 @@ describe Chef::Resource::WindowsCertificate do resource.store_name "MY" expect { resource.action :create }.not_to raise_error end + + it "the exportable property defaults to false" do + expect(resource.exportable).to be false + end + + it "doesn't raise error if exportable option is passed" do + resource.pfx_password "chef$123" + resource.source "C:\\certs\\test-cert.pfx" + resource.store_name "MY" + resource.exportable true + expect { resource.action :create }.not_to raise_error + end end |