From d28beb86e3466e5cfbbd62b010978b74538b7141 Mon Sep 17 00:00:00 2001
From: Rephl3x
Date: Fri, 30 Jan 2026 13:12:36 +1300
Subject: [PATCH] Use INF CNs as primary hosts and SANs separately
---
 certy.ps1 | 33 +++++++++++++++++++--------------
 1 file changed, 19 insertions(+), 14 deletions(-)
diff --git a/certy.ps1 b/certy.ps1
index 812783b..b7c2840 100644
--- a/certy.ps1
+++ b/certy.ps1
@@ -269,19 +269,10 @@ function Get-InfRequestFromLines {
 }
 }
- $hosts = New-Object System.Collections.Generic.List[string]
- if ($commonName) {
- $hosts.Add($commonName)
- }
- foreach ($san in $sans) {
- if ($commonName -and $san.Equals($commonName, [System.StringComparison]::OrdinalIgnoreCase)) { continue }
- $hosts.Add($san)
- }
-
 return [pscustomobject]@{
 CommonName = $commonName
 Sans = $sans
- Hosts = $hosts
+ Hosts = @($commonName) | Where-Object { $_ }
 }
 }
@@ -1514,10 +1505,11 @@ $infImportBtn.Add_Click({
 Hosts = $hosts
 CommonName = $reqData.CommonName
 Sans = @($reqData.Sans)
+ CertHosts = @(@($reqData.CommonName) + @($reqData.Sans) | Where-Object { $_ } | Sort-Object -Unique)
 Sanitized = $sanitizedPath
 CsrInf = $csrInfPath
 }
- $infHosts += $hosts
+ if ($reqData.CommonName) { $infHosts += $reqData.CommonName }
 $script:infSans += @($reqData.Sans)
 if ($reqData.CommonName) {
 $sanList = if (@($reqData.Sans).Count -gt 0) { (@($reqData.Sans) -join ", ") } else { "none" }
@@ -1532,6 +1524,9 @@ $infImportBtn.Add_Click({
 $merged = Merge-Hostnames -Existing $currentHosts -NewItems $infHosts
 $hostsBox.Text = ($merged -join [Environment]::NewLine)
 }
+ if ($infHosts.Count -gt 0) {
+ & $logAction "INF CNs loaded into Hostnames. SANs listed separately."
+ }
 if ($script:infSans.Count -gt 0) {
 $infSanBox.Text = ($script:infSans -join [Environment]::NewLine)
 } else {
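Review bot: `Hosts = @($commonName) | Where-Object { $_ }` in the object returned by the `@@ -269` hunk no longer yields a collection: the `@()` wraps only `$commonName` and the pipeline then unrolls, so `Hosts` is a bare string when a CN exists and `$null` when it does not, where the removed code always returned a `List[string]`. Callers that index, enumerate or read `.Count` on `Hosts` may behave differently, particularly if strict mode is enabled elsewhere in the script (not visible here). Wrapping the whole pipeline keeps the shape stable: `Hosts = @(@($commonName) | Where-Object { $_ })`. The body of Get-InfRequestFromLines starts outside this hunk.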
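Review bot: `Sort-Object -Unique` on the `CertHosts` line in the `@@ -1514` hunk reorders the names alphabetically, so the CN is no longer guaranteed to be the first entry, although the commit's stated aim is to treat the CN as the primary host. The same sort is applied to `$infDnsHosts` in the `@@ -1681` hunk, and `$reqFqdns` in the `@@ -1788` hunk is derived from `CertHosts`; if the issuance code takes the first FQDN as the certificate subject (not visible in this patch), a certificate could be issued with a SAN as its subject. An order-preserving form keeps the CN first, for example `CertHosts = @(@($reqData.CommonName) + @($reqData.Sans | Where-Object { $_ -ne $reqData.CommonName }) | Where-Object { $_ })`, relying on `-ne` being case-insensitive as the removed `OrdinalIgnoreCase` check was. The click handler's body extends beyond the hunk.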
@@ -1681,7 +1676,15 @@ $runBtn.Add_Click({
 $hosts += $fileHosts
 }
- if ($hosts.Count -eq 0) { throw "No hostnames provided." }
+ $infDnsHosts = @()
+ if ($script:infRequests -and $script:infRequests.Count -gt 0) {
+ foreach ($req in $script:infRequests) {
+ $infDnsHosts += @($req.CertHosts)
+ }
+ $infDnsHosts = @($infDnsHosts | Where-Object { $_ } | Sort-Object -Unique)
+ }
+
+ if ($hosts.Count -eq 0 -and $infDnsHosts.Count -eq 0) { throw "No hostnames provided." }
 $zone = $zoneBox.Text.Trim()
 if (-not $zone) { throw "Default DNS zone is required." }
@@ -1703,7 +1706,8 @@ $runBtn.Add_Click({
 throw "PFX password is required."
 }
- $hostEntries = @($hosts | ForEach-Object { Resolve-HostEntry -Name $_ -Zone $zone -UseProvidedFqdn $useFqdnBox.Checked } | Where-Object { $_ })
+ $dnsHostInputs = if ($infDnsHosts.Count -gt 0) { $infDnsHosts } else { $hosts }
+ $hostEntries = @($dnsHostInputs | ForEach-Object { Resolve-HostEntry -Name $_ -Zone $zone -UseProvidedFqdn $useFqdnBox.Checked } | Where-Object { $_ })
 & $logAction "Processing $($hostEntries.Count) hostname(s)."
@@ -1788,7 +1792,8 @@ $runBtn.Add_Click({
 if ($script:infRequests -and $script:infRequests.Count -gt 0) {
 & $logAction "INF requests detected; issuing one certificate per INF file."
 foreach ($req in $script:infRequests) {
- $reqEntries = @($req.Hosts | ForEach-Object { Resolve-HostEntry -Name $_ -Zone $zone -UseProvidedFqdn $useFqdnBox.Checked } | Where-Object { $_ })
+ $reqHostInputs = @($req.CertHosts)
+ $reqEntries = @($reqHostInputs | ForEach-Object { Resolve-HostEntry -Name $_ -Zone $zone -UseProvidedFqdn $useFqdnBox.Checked } | Where-Object { $_ })
 $reqFqdns = @($reqEntries | ForEach-Object { $_.Fqdn } | Where-Object { $_ })
 if ($reqFqdns.Count -eq 0) {
 & $logAction "INF $([System.IO.Path]::GetFileName($req.File)) skipped (no hosts)."
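Review bot: `$dnsHostInputs = if ($infDnsHosts.Count -gt 0) { $infDnsHosts } else { $hosts }` in the `@@ -1703` hunk discards `$hosts` entirely once any INF request is loaded, so names typed into the Hostnames box or read from the host file are silently skipped, while the guard added in the `@@ -1681` hunk still accepts the run. It also means the names reaching `Resolve-HostEntry` come from the stored INF data rather than from the list the operator reviewed and could edit, which matters for a tool that issues certificates. If both sources are meant to be processed, merge them with `$dnsHostInputs = @(@($hosts) + @($infDnsHosts) | Where-Object { $_ } | Sort-Object -Unique)` and consider logging the final name list before issuance; if the override is intended, log that the Hostnames entries were ignored. The handler body begins and ends outside the hunk.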