Rephl3x/cert-management
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use INF CNs as primary hosts and SANs separately

Browse Source
This commit is contained in:
Zak Bearman
2026-01-30 13:12:36 +13:00
parent b3d3e9300f
commit d28beb86e3
1 changed files with 19 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
certy.ps1
View File

@@ -269,19 +269,10 @@ function Get-InfRequestFromLines {
}
}
$hosts = New-Object System.Collections.Generic.List[string]
if ($commonName) {
$hosts.Add($commonName)
}
foreach ($san in $sans) {
if ($commonName -and $san.Equals($commonName, [System.StringComparison]::OrdinalIgnoreCase)) { continue }
$hosts.Add($san)
}
return [pscustomobject]@{
CommonName = $commonName
Sans = $sans
Hosts = $hosts
Hosts = @($commonName) | Where-Object { $_ }
}
}
@@ -1514,10 +1505,11 @@ $infImportBtn.Add_Click({
Hosts = $hosts
CommonName = $reqData.CommonName
Sans = @($reqData.Sans)
CertHosts = @(@($reqData.CommonName) + @($reqData.Sans) | Where-Object { $_ } | Sort-Object -Unique)
Sanitized = $sanitizedPath
CsrInf = $csrInfPath
}
$infHosts += $hosts
if ($reqData.CommonName) { $infHosts += $reqData.CommonName }
$script:infSans += @($reqData.Sans)
if ($reqData.CommonName) {
$sanList = if (@($reqData.Sans).Count -gt 0) { (@($reqData.Sans) -join ", ") } else { "none" }
@@ -1532,6 +1524,9 @@ $infImportBtn.Add_Click({
$merged = Merge-Hostnames -Existing $currentHosts -NewItems $infHosts
$hostsBox.Text = ($merged -join [Environment]::NewLine)
}
if ($infHosts.Count -gt 0) {
& $logAction "INF CNs loaded into Hostnames. SANs listed separately."
}
if ($script:infSans.Count -gt 0) {
$infSanBox.Text = ($script:infSans -join [Environment]::NewLine)
} else {
@@ -1681,7 +1676,15 @@ $runBtn.Add_Click({
$hosts += $fileHosts
}
if ($hosts.Count -eq 0) { throw "No hostnames provided." }
$infDnsHosts = @()
if ($script:infRequests -and $script:infRequests.Count -gt 0) {
foreach ($req in $script:infRequests) {
$infDnsHosts += @($req.CertHosts)
}
$infDnsHosts = @($infDnsHosts | Where-Object { $_ } | Sort-Object -Unique)
}
if ($hosts.Count -eq 0 -and $infDnsHosts.Count -eq 0) { throw "No hostnames provided." }
$zone = $zoneBox.Text.Trim()
if (-not $zone) { throw "Default DNS zone is required." }
@@ -1703,7 +1706,8 @@ $runBtn.Add_Click({
throw "PFX password is required."
}
$hostEntries = @($hosts | ForEach-Object { Resolve-HostEntry -Name $_ -Zone $zone -UseProvidedFqdn $useFqdnBox.Checked } | Where-Object { $_ })
$dnsHostInputs = if ($infDnsHosts.Count -gt 0) { $infDnsHosts } else { $hosts }
$hostEntries = @($dnsHostInputs | ForEach-Object { Resolve-HostEntry -Name $_ -Zone $zone -UseProvidedFqdn $useFqdnBox.Checked } | Where-Object { $_ })
& $logAction "Processing $($hostEntries.Count) hostname(s)."
@@ -1788,7 +1792,8 @@ $runBtn.Add_Click({
if ($script:infRequests -and $script:infRequests.Count -gt 0) {
& $logAction "INF requests detected; issuing one certificate per INF file."
foreach ($req in $script:infRequests) {
$reqEntries = @($req.Hosts | ForEach-Object { Resolve-HostEntry -Name $_ -Zone $zone -UseProvidedFqdn $useFqdnBox.Checked } | Where-Object { $_ })
$reqHostInputs = @($req.CertHosts)
$reqEntries = @($reqHostInputs | ForEach-Object { Resolve-HostEntry -Name $_ -Zone $zone -UseProvidedFqdn $useFqdnBox.Checked } | Where-Object { $_ })
$reqFqdns = @($reqEntries | ForEach-Object { $_.Fqdn } | Where-Object { $_ })
if ($reqFqdns.Count -eq 0) {
& $logAction "INF $([System.IO.Path]::GetFileName($req.File)) skipped (no hosts)."