Use INF CNs as primary hosts and SANs separately

2026-01-30 13:12:36 +13:00
parent b3d3e9300f
commit d28beb86e3


@@ -269,19 +269,10 @@ function Get-InfRequestFromLines {
} }
} }
$hosts = New-Object System.Collections.Generic.List[string]
if ($commonName) {
$hosts.Add($commonName)
}
foreach ($san in $sans) {
if ($commonName -and $san.Equals($commonName, [System.StringComparison]::OrdinalIgnoreCase)) { continue }
$hosts.Add($san)
}
return [pscustomobject]@{ return [pscustomobject]@{
CommonName = $commonName CommonName = $commonName
Sans = $sans Sans = $sans
Hosts = $hosts Hosts = @($commonName) | Where-Object { $_ }
} }
} }
@@ -1514,10 +1505,11 @@ $infImportBtn.Add_Click({
Hosts = $hosts Hosts = $hosts
CommonName = $reqData.CommonName CommonName = $reqData.CommonName
Sans = @($reqData.Sans) Sans = @($reqData.Sans)
CertHosts = @(@($reqData.CommonName) + @($reqData.Sans) | Where-Object { $_ } | Sort-Object -Unique)
Sanitized = $sanitizedPath Sanitized = $sanitizedPath
CsrInf = $csrInfPath CsrInf = $csrInfPath
} }
$infHosts += $hosts if ($reqData.CommonName) { $infHosts += $reqData.CommonName }
$script:infSans += @($reqData.Sans) $script:infSans += @($reqData.Sans)
if ($reqData.CommonName) { if ($reqData.CommonName) {
$sanList = if (@($reqData.Sans).Count -gt 0) { (@($reqData.Sans) -join ", ") } else { "none" } $sanList = if (@($reqData.Sans).Count -gt 0) { (@($reqData.Sans) -join ", ") } else { "none" }
@@ -1532,6 +1524,9 @@ $infImportBtn.Add_Click({
$merged = Merge-Hostnames -Existing $currentHosts -NewItems $infHosts $merged = Merge-Hostnames -Existing $currentHosts -NewItems $infHosts
$hostsBox.Text = ($merged -join [Environment]::NewLine) $hostsBox.Text = ($merged -join [Environment]::NewLine)
} }
if ($infHosts.Count -gt 0) {
& $logAction "INF CNs loaded into Hostnames. SANs listed separately."
}
if ($script:infSans.Count -gt 0) { if ($script:infSans.Count -gt 0) {
$infSanBox.Text = ($script:infSans -join [Environment]::NewLine) $infSanBox.Text = ($script:infSans -join [Environment]::NewLine)
} else { } else {
@@ -1681,7 +1676,15 @@ $runBtn.Add_Click({
$hosts += $fileHosts $hosts += $fileHosts
} }
if ($hosts.Count -eq 0) { throw "No hostnames provided." } $infDnsHosts = @()
if ($script:infRequests -and $script:infRequests.Count -gt 0) {
foreach ($req in $script:infRequests) {
$infDnsHosts += @($req.CertHosts)
}
$infDnsHosts = @($infDnsHosts | Where-Object { $_ } | Sort-Object -Unique)
}
if ($hosts.Count -eq 0 -and $infDnsHosts.Count -eq 0) { throw "No hostnames provided." }
$zone = $zoneBox.Text.Trim() $zone = $zoneBox.Text.Trim()
if (-not $zone) { throw "Default DNS zone is required." } if (-not $zone) { throw "Default DNS zone is required." }
@@ -1703,7 +1706,8 @@ $runBtn.Add_Click({
throw "PFX password is required." throw "PFX password is required."
} }
$hostEntries = @($hosts | ForEach-Object { Resolve-HostEntry -Name $_ -Zone $zone -UseProvidedFqdn $useFqdnBox.Checked } | Where-Object { $_ }) $dnsHostInputs = if ($infDnsHosts.Count -gt 0) { $infDnsHosts } else { $hosts }
$hostEntries = @($dnsHostInputs | ForEach-Object { Resolve-HostEntry -Name $_ -Zone $zone -UseProvidedFqdn $useFqdnBox.Checked } | Where-Object { $_ })
& $logAction "Processing $($hostEntries.Count) hostname(s)." & $logAction "Processing $($hostEntries.Count) hostname(s)."
@@ -1788,7 +1792,8 @@ $runBtn.Add_Click({
if ($script:infRequests -and $script:infRequests.Count -gt 0) { if ($script:infRequests -and $script:infRequests.Count -gt 0) {
& $logAction "INF requests detected; issuing one certificate per INF file." & $logAction "INF requests detected; issuing one certificate per INF file."
foreach ($req in $script:infRequests) { foreach ($req in $script:infRequests) {
$reqEntries = @($req.Hosts | ForEach-Object { Resolve-HostEntry -Name $_ -Zone $zone -UseProvidedFqdn $useFqdnBox.Checked } | Where-Object { $_ }) $reqHostInputs = @($req.CertHosts)
$reqEntries = @($reqHostInputs | ForEach-Object { Resolve-HostEntry -Name $_ -Zone $zone -UseProvidedFqdn $useFqdnBox.Checked } | Where-Object { $_ })
$reqFqdns = @($reqEntries | ForEach-Object { $_.Fqdn } | Where-Object { $_ }) $reqFqdns = @($reqEntries | ForEach-Object { $_.Fqdn } | Where-Object { $_ })
if ($reqFqdns.Count -eq 0) { if ($reqFqdns.Count -eq 0) {
& $logAction "INF $([System.IO.Path]::GetFileName($req.File)) skipped (no hosts)." & $logAction "INF $([System.IO.Path]::GetFileName($req.File)) skipped (no hosts)."
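Review bot: In the `$runBtn` handler, `$dnsHostInputs = if ($infDnsHosts.Count -gt 0) { $infDnsHosts } else { $hosts }` discards everything in `$hosts` as soon as one INF request is loaded, so names typed into the Hostnames box or read from a host file are silently skipped, while names held in `$script:infRequests` are still processed even if the operator has since removed them from the box. For a tool that resolves hostnames and issues certificates, the names acted on should be the ones the operator can see; either merge the lists, e.g. `$dnsHostInputs = @(@($hosts) + @($infDnsHosts) | Where-Object { $_ } | Sort-Object -Unique)`, or log which hostnames were ignored and why. Separately, `CertHosts` in the `$infImportBtn` handler is built with `Sort-Object -Unique`, which no longer keeps the CN first as the removed `$hosts` list did; if later code outside these hunks treats the first FQDN as the certificate's primary name, a SAN could take that place. Both handlers start and end outside the hunks shown, so how `$reqFqdns` is used afterwards should be confirmed.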