Update manifest and docs to 6.3.0

Venafi · Mar 20, 2024 · 7d43b4e · 7d43b4e
1 parent 259c170
commit 7d43b4e
Show file tree

Hide file tree

Showing 10 changed files with 227 additions and 71 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,11 @@
+## 6.3.0
+- Add `Export-VcCertificate -PKCS12`, requires PowerShell v7.1+.  [#251](https://github.com/Venafi/VenafiPS/issues/251)
+- Add `New-VenafiSession -TimeoutSec`, the default is 0 for no timeout.  If using SecretManagement, store this with the other metadata.
+- Add support for `Invoke-VcCertificateAction -Renew -AdditionalParameters`.  The use case was renewing many certificates with a different issuer.
+- Update `Set-VdcPermission` to accept just permission switches and not require a permission object.  This assists in setting a permission for the first time for a specific id.
+- Fix `Get-VdcAttribute` and `Set-VdcAttribute` recognizing custom field guids, but not labels
+
+
 ## 6.2.1
 - Fix `Invoke-VcCertificateAction -Renew` flagging multiple applications incorrectly
 
@@ -678,5 +686,6 @@ This is a major release.  Although every attempt has been made to be backwards c
 
 
 
+
 
 
diff --git a/VenafiPS/VenafiPS.psd1 b/VenafiPS/VenafiPS.psd1
@@ -3,7 +3,7 @@
 #
 # Generated by: Greg Brownstein
 #
-# Generated on: 03/12/2024
+# Generated on: 03/20/2024
 #
 
 @{
@@ -12,7 +12,7 @@
 RootModule = 'VenafiPS.psm1'
 
 # Version number of this module.
-ModuleVersion = '6.3'
+ModuleVersion = '6.3.0'
 
 # Supported PSEditions
 # CompatiblePSEditions = @()

diff --git a/docs/changelog.md b/docs/changelog.md
@@ -1,3 +1,11 @@
+## 6.3.0
+- Add `Export-VcCertificate -PKCS12`, requires PowerShell v7.1+.  [#251](https://github.com/Venafi/VenafiPS/issues/251)
+- Add `New-VenafiSession -TimeoutSec`, the default is 0 for no timeout.  If using SecretManagement, store this with the other metadata.
+- Add support for `Invoke-VcCertificateAction -Renew -AdditionalParameters`.  The use case was renewing many certificates with a different issuer.
+- Update `Set-VdcPermission` to accept just permission switches and not require a permission object.  This assists in setting a permission for the first time for a specific id.
+- Fix `Get-VdcAttribute` and `Set-VdcAttribute` recognizing custom field guids, but not labels
+
+
 ## 6.2.1
 - Fix `Invoke-VcCertificateAction -Renew` flagging multiple applications incorrectly
 
@@ -678,5 +686,6 @@ This is a major release.  Although every attempt has been made to be backwards c
 
 
 
+
 
 
diff --git a/docs/functions/Export-VcCertificate.md b/docs/functions/Export-VcCertificate.md
@@ -1,115 +1,201 @@
 # Export-VcCertificate
 
 ## SYNOPSIS
-{{ Fill in the Synopsis }}
+Export certificate data from TLSPC
 
 ## SYNTAX
 
+### PEM (Default)
 ```
-Export-VcCertificate [-ID] <String> [[-PrivateKeyPassword] <PSObject>] [-IncludeChain] [[-OutPath] <String>]
- [[-ThrottleLimit] <Int32>] [[-VenafiSession] <PSObject>] [-ProgressAction <ActionPreference>]
- [<CommonParameters>]
+Export-VcCertificate -ID <String> [-PrivateKeyPassword <PSObject>] [-IncludeChain] [-OutPath <String>]
+ [-ThrottleLimit <Int32>] [-VenafiSession <PSObject>] [-ProgressAction <ActionPreference>] [<CommonParameters>]
+```
+
+### PKCS12
+```
+Export-VcCertificate -ID <String> -PrivateKeyPassword <PSObject> -OutPath <String> [-PKCS12]
+ [-ThrottleLimit <Int32>] [-VenafiSession <PSObject>] [-ProgressAction <ActionPreference>] [<CommonParameters>]
 ```
 
 ## DESCRIPTION
-{{ Fill in the Description }}
+Export certificate data in PEM format. 
+You can retrieve the certificate, chain, and key.
+You can also save the certificate and private key in PEM or PKCS12 format.
 
 ## EXAMPLES
 
-### Example 1
-```powershell
-PS C:\> {{ Add example code here }}
+### EXAMPLE 1
+```
+$certId | Export-VcCertificate
+```
+
+Export certificate data
+
+### EXAMPLE 2
+```
+$certId | Export-VcCertificate -PrivateKeyPassword 'myPassw0rd!'
+```
+
+Export certificate and private key data
+
+### EXAMPLE 3
+```
+$certId | Export-VcCertificate -PrivateKeyPassword 'myPassw0rd!' -PKCS12 -OutPath '~/temp'
+```
+
+Export certificate and private key in PKCS12 format
+
+### EXAMPLE 4
+```
+$cert | Export-VcCertificate -OutPath '~/temp'
+```
+
+Get certificate data and save to a file
+
+### EXAMPLE 5
+```
+$cert | Export-VcCertificate -IncludeChain
 ```
 
-{{ Add example description here }}
+Get certificate data with the certificate chain included.
 
 ## PARAMETERS
 
 ### -ID
-{{ Fill ID Description }}
+Certificate ID, also known as uuid. 
+Use Find-VcCertificate or Get-VcCertificate to determine the ID.
+You can pipe those functions as well.
 
 ```yaml
 Type: String
 Parameter Sets: (All)
 Aliases: certificateId
 
 Required: True
-Position: 0
+Position: Named
 Default value: None
 Accept pipeline input: True (ByPropertyName, ByValue)
 Accept wildcard characters: False
 ```
 
+### -PrivateKeyPassword
+Password required to include the private key.
+You can either provide a String, SecureString, or PSCredential.
+Requires PowerShell v7.0+.
+
+```yaml
+Type: PSObject
+Parameter Sets: PEM
+Aliases:
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+```yaml
+Type: PSObject
+Parameter Sets: PKCS12
+Aliases:
+
+Required: True
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -IncludeChain
-{{ Fill IncludeChain Description }}
+Include the certificate chain with the exported or saved PEM certificate data.
 
 ```yaml
 Type: SwitchParameter
-Parameter Sets: (All)
+Parameter Sets: PEM
 Aliases:
 
 Required: False
 Position: Named
-Default value: None
+Default value: False
 Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
 ### -OutPath
-{{ Fill OutPath Description }}
+Folder path to save the certificate to. 
+The name of the file will be determined automatically.
+For each certificate a directory will be created in this folder with the format Name-ID.
+In the case of PKCS12, the file will be saved to the root of the folder.
 
 ```yaml
 Type: String
-Parameter Sets: (All)
+Parameter Sets: PEM
 Aliases:
 
 Required: False
-Position: 2
+Position: Named
 Default value: None
 Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
-### -PrivateKeyPassword
-{{ Fill PrivateKeyPassword Description }}
-
 ```yaml
-Type: PSObject
-Parameter Sets: (All)
+Type: String
+Parameter Sets: PKCS12
 Aliases:
 
-Required: False
-Position: 1
+Required: True
+Position: Named
 Default value: None
 Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -PKCS12
+Export the certificate and private key in PKCS12 format.
+Requires PowerShell v7.1+.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: PKCS12
+Aliases:
+
+Required: True
+Position: Named
+Default value: False
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -ThrottleLimit
-{{ Fill ThrottleLimit Description }}
+Limit the number of threads when running in parallel; the default is 100. 
+Applicable to PS v7+ only.
 
 ```yaml
 Type: Int32
 Parameter Sets: (All)
 Aliases:
 
 Required: False
-Position: 3
-Default value: None
+Position: Named
+Default value: 100
 Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
 ### -VenafiSession
-{{ Fill VenafiSession Description }}
+Authentication for the function.
+The value defaults to the script session object $VenafiSession created by New-VenafiSession.
+A TLSPC key can also provided.
 
 ```yaml
 Type: PSObject
 Parameter Sets: (All)
 Aliases:
 
 Required: False
-Position: 4
+Position: Named
 Default value: None
 Accept pipeline input: False
 Accept wildcard characters: False
@@ -135,10 +221,14 @@ This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable
 
 ## INPUTS
 
-### System.String
+### ID
 ## OUTPUTS
 
-### System.Object
+### PSCustomObject
 ## NOTES
+This function requires the use of sodium encryption.
+PS v7.1+ is required.
+On Windows, the latest Visual C++ redist must be installed. 
+See https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist.
 
 ## RELATED LINKS
diff --git a/docs/functions/Invoke-VcCertificateAction.md b/docs/functions/Invoke-VcCertificateAction.md
@@ -59,29 +59,36 @@ Only one certificate and application combination can be renewed at a time so pro
 
 ### EXAMPLE 3
 ```
+Find-VcCertificate -Version CURRENT -Issuer i1 | Invoke-VcCertificateAction -Renew -AdditionalParameters @{'certificateIssuingTemplateId'='10f71a12-daf3-4737-b589-6a9dd1cc5a97'}
+```
+
+Find all current certificates issued by i1 and renew them with a different issuer.
+
+### EXAMPLE 4
+```
 Invoke-VcCertificateAction -ID '3699b03e-ff62-4772-960d-82e53c34bf60' -Renew -Force
 ```
 
 Renewals can only support 1 CN assigned to a certificate. 
 To force this function to renew and automatically select the first CN, use -Force.
 
-### EXAMPLE 4
+### EXAMPLE 5
 ```
 Invoke-VcCertificateAction -ID '3699b03e-ff62-4772-960d-82e53c34bf60' -Delete
 ```
 
 Delete a certificate. 
 As only retired certificates can be deleted, it will be retired first.
 
-### EXAMPLE 5
+### EXAMPLE 6
 ```
 Invoke-VcCertificateAction -ID '3699b03e-ff62-4772-960d-82e53c34bf60' -Delete -Confirm:$false
 ```
 
 Perform an action bypassing the confirmation prompt. 
 Only applicable to Delete.
 
-### EXAMPLE 6
+### EXAMPLE 7
 ```
 Find-VcObject -Type Certificate -Filter @('certificateStatus','eq','retired') | Invoke-VcCertificateAction -Delete
 ```
@@ -138,6 +145,7 @@ Accept wildcard characters: False
 ### -Renew
 Requests immediate renewal for an existing certificate.
 If more than 1 application is associated with the certificate, provide -AdditionalParameters @{'Application'='application id'} to specify the id.
+Use -AdditionalParameters to provide additional parameters to the renewal request, see https://developer.venafi.com/tlsprotectcloud/reference/certificaterequests_create.
 
 ```yaml
 Type: SwitchParameter

diff --git a/docs/functions/Invoke-VenafiRestMethod.md b/docs/functions/Invoke-VenafiRestMethod.md
@@ -8,15 +8,16 @@ Ability to execute REST API calls which don't exist in a dedicated function yet
 ### Session (Default)
 ```
 Invoke-VenafiRestMethod [-VenafiSession <PSObject>] [-Method <String>] [-UriRoot <String>] -UriLeaf <String>
- [-Header <Hashtable>] [-Body <Hashtable>] [-FullResponse] [-SkipCertificateCheck]
+ [-Header <Hashtable>] [-Body <Hashtable>] [-FullResponse] [-TimeoutSec <Int32>] [-SkipCertificateCheck]
  [-ProgressAction <ActionPreference>] [<CommonParameters>]
 ```
 
 ### URL
 ```
 Invoke-VenafiRestMethod -Server <String> [-UseDefaultCredential] [-Certificate <X509Certificate>]
  [-Method <String>] [-UriRoot <String>] -UriLeaf <String> [-Header <Hashtable>] [-Body <Hashtable>]
- [-FullResponse] [-SkipCertificateCheck] [-ProgressAction <ActionPreference>] [<CommonParameters>]
+ [-FullResponse] [-TimeoutSec <Int32>] [-SkipCertificateCheck] [-ProgressAction <ActionPreference>]
+ [<CommonParameters>]
 ```
 
 ## DESCRIPTION
@@ -192,6 +193,21 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -TimeoutSec
+{{ Fill TimeoutSec Description }}
+
+```yaml
+Type: Int32
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: 0
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -SkipCertificateCheck
 {{ Fill SkipCertificateCheck Description }}