PSPKI appears to have a bug if templates or CAs contain LDAP-related special characters. I assume this is caused when a template/CA name containing special chars is used when constructing an LDAP DN. The solution is to escape these special characters, as outlined here.
Reproduction steps:
1. Run Get-CertificationAuthority | Get-CATemplate and note that it runs successfully.
2. Duplicate the default User template and name it asdf/asdf
3. Run Get-CertificationAuthority | Get-CATemplate and note that it fails.
I have not tested if special chars in the CA's name cause issues, but I suspect they do.
I was able to figure out how to solve this particular issue. It did pass my own tests, though I'd like to get a confirmation that the fix is compatible with your module. I believe that this fix addresses all issues you referenced here. Attaching debug builds for your testing:
I can confirm these changes work. However, the latest version in the PSGallery does not seem to have this support.
Yep, the work is in progress. The code is almost ready to ship, however there is a lot of work on docs which is planned for next week. I hope to get a new release out by Christmas.
Related issues in PSPKIAudit:
GhostPack/PSPKIAudit#19 - Forward slash in template name causing issue
GhostPack/PSPKIAudit#13 - Template common name lookup likely failing due to special char in CN
GhostPack/PSPKIAudit#9 - Unescaped special char in CA's name potentially causing issue in LDAP DN
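Added example, not part of the issue thread and not PSPKI's code: one way to escape a template or CA name before it is placed in an LDAP DN or ADSI path, covering the RFC 4514 special characters plus the forward slash that ADSI treats as a path separator. The function names, the example.com naming context and the sample template names are hypothetical, and the path layout assumes the standard Certificate Templates container under the configuration naming context.

```powershell
# Added example, not PSPKI code. Function names and the example.com naming
# context are hypothetical.
function ConvertTo-EscapedRdnValue {
    param([Parameter(Mandatory)][AllowEmptyString()][string]$Value)

    # RFC 4514 specials, plus '/' which ADSI treats as a path separator.
    $special = '\,+"<>;=/'
    $sb = [System.Text.StringBuilder]::new()
    for ($i = 0; $i -lt $Value.Length; $i++) {
        $c = $Value[$i]
        $atEdge = ($i -eq 0) -or ($i -eq $Value.Length - 1)
        if ($c -eq [char]0) {
            # NUL cannot be backslash-escaped literally; use the hex form.
            $null = $sb.Append('\00')
        }
        elseif ($special.IndexOf($c) -ge 0) {
            $null = $sb.Append('\').Append($c)
        }
        elseif (($c -eq ' ' -and $atEdge) -or ($c -eq '#' -and $i -eq 0)) {
            # Leading or trailing space and a leading '#' are also special.
            $null = $sb.Append('\').Append($c)
        }
        else {
            $null = $sb.Append($c)
        }
    }
    $sb.ToString()
}

function Get-TemplateAdsPath {
    param(
        [Parameter(Mandatory)][string]$TemplateName,
        [Parameter(Mandatory)][string]$ConfigurationNC
    )
    # Escape only the RDN value; the container part is fixed text.
    $cn = ConvertTo-EscapedRdnValue -Value $TemplateName
    "LDAP://CN=$cn,CN=Certificate Templates,CN=Public Key Services,CN=Services,$ConfigurationNC"
}

# Constructed sample names, including the one from the reproduction steps.
foreach ($name in 'User', 'asdf/asdf', 'Web, Internal', '#Lab') {
    Get-TemplateAdsPath -TemplateName $name -ConfigurationNC 'CN=Configuration,DC=example,DC=com'
}
```

A name used inside an LDAP search filter needs RFC 4515 filter escaping instead, which covers a different character set.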