SSH Certificate Signing Write Action

Microsoft.Unix.SSHBased.Cert.Signing.WriteAction (WriteActionModuleType)

Write Action to Sign Certificate via SSH

Element properties:

Type: WriteActionModuleType
Isolation: Any
Accessibility: Public
RunAs: Default
InputType: System.BaseData
OutputType: System.BaseData

Member Modules:

ID Module Type TypeId RunAs 
SSHGetCertCommand ProbeAction Microsoft.Unix.SSHCommand.ProbeAction Default
CertSign WriteAction Microsoft.Unix.SCXCert.WriteAction Default
DeleteFileWA WriteAction Microsoft.Windows.PowerShellWriteAction Default
RestartAgentCommand WriteAction Microsoft.Unix.SSHCommand.WriteAction Default
SFTPPutCert WriteAction Microsoft.Unix.SFTPTransfer.SecureTransfer.WriteAction Default
WriteFileWA WriteAction Microsoft.Windows.PowerShellWriteAction Default

Overrideable Parameters:

ID | ParameterType | Selector | Display Name | Description
Host | string | $Config/Host$ | Host |
Port | string | $Config/Port$ | Port |
UserName | string | $Config/UserName$ | User Name |
Password | string | $Config/Password$ | Password |
TimeoutSeconds | string | $Config/TimeoutSeconds$ | Timeout in Seconds |

Source Code:

<!--
  Composite write action that re-signs a UNIX/Linux agent certificate over SSH.
  Data flow (see Composition at the bottom; the innermost node runs first):
    1. SSHGetCertCommand   : reads the agent certificate from the remote host via SSH.
    2. CertSign            : signs the certificate text returned on stdout.
    3. WriteFileWA         : writes the signed certificate to a temp file on the Windows side.
    4. SFTPPutCert         : uploads that temp file to the remote host.
    5. DeleteFileWA        : removes the local temp file and directory.
    6. RestartAgentCommand : installs the uploaded certificate and restarts the agent.
  Host, Port, UserName and Password are passed unchanged to all three SSH/SFTP member modules.
-->
<WriteActionModuleType ID="Microsoft.Unix.SSHBased.Cert.Signing.WriteAction" Accessibility="Public">
<Configuration>
<!-- Host, UserName and Password are required; Port and TimeoutSeconds are optional (minOccurs="0").
     Every value, including Port and TimeoutSeconds, is typed as a plain string, so this schema
     performs no range or format validation. -->
<xsd:element name="Host" type="xsd:string"/>
<xsd:element name="Port" type="xsd:string" minOccurs="0"/>
<xsd:element name="UserName" type="xsd:string"/>
<!-- NOTE(review): Password is a plain xsd:string here; this module type does not itself bind it to a
     Run As account. Confirm that callers supply it through a Run As profile reference and not as a literal. -->
<xsd:element name="Password" type="xsd:string"/>
<xsd:element name="TimeoutSeconds" type="xsd:string" minOccurs="0"/>
</Configuration>
<OverrideableParameters>
<!-- All five configuration values can be changed by override. -->
<OverrideableParameter ID="Host" ParameterType="string" Selector="$Config/Host$"/>
<OverrideableParameter ID="Port" ParameterType="string" Selector="$Config/Port$"/>
<OverrideableParameter ID="UserName" ParameterType="string" Selector="$Config/UserName$"/>
<!-- NOTE(review): exposing Password as an overrideable parameter means a credential could be set by
     an override; override values live in management pack XML, so verify that no workflow using this
     module type carries a literal password in an override. -->
<OverrideableParameter ID="Password" ParameterType="string" Selector="$Config/Password$"/>
<OverrideableParameter ID="TimeoutSeconds" ParameterType="string" Selector="$Config/TimeoutSeconds$"/>
</OverrideableParameters>
<ModuleImplementation>
<Composite>
<MemberModules>
<!-- Step 1: print the agent's current certificate (scx.pem) on the remote host; the output becomes
     the data item consumed by CertSign.
     NOTE(review): the text that is later signed is whatever this SSH session returns, so the signing
     step is only as trustworthy as the SSH connection. Host key verification is not visible in this
     module type; confirm how Microsoft.Unix.SSHCommand.ProbeAction authenticates the remote host. -->
<ProbeAction ID="SSHGetCertCommand" TypeID="Microsoft.Unix.SSHCommand.ProbeAction">
<Host>$Config/Host$</Host>
<Port>$Config/Port$</Port>
<UserName>$Config/UserName$</UserName>
<Password>$Config/Password$</Password>
<Command>cat /etc/opt/microsoft/scx/ssl/scx.pem</Command>
<TimeoutSeconds>$Config/TimeoutSeconds$</TimeoutSeconds>
<IgnoreElevation>false</IgnoreElevation>
</ProbeAction>
<!-- Step 2: sign the certificate text taken from the probe's stdout. No validation of that text is
     visible at this level; presumably Microsoft.Unix.SCXCert.WriteAction rejects malformed input (confirm). -->
<WriteAction ID="CertSign" TypeID="Microsoft.Unix.SCXCert.WriteAction">
<Certificate>$Data///stdout$</Certificate>
</WriteAction>
<!-- Step 3: write the signed certificate to %TEMP%\SCXCert\<Host>\scx.pem (ASCII), creating the
     directory when it does not exist.
     NOTE(review): the Host value is concatenated into the directory path without validation. A Host
     value containing path separators or ".." would change where the file is written, so Host should
     be restricted to a hostname or IP address by whatever supplies it.
     The certificate is passed to the script as a quoted parameter value. The script timeout is fixed
     at 300 seconds and does not follow the TimeoutSeconds configuration value. -->
<WriteAction ID="WriteFileWA" TypeID="Windows!Microsoft.Windows.PowerShellWriteAction">
<ScriptName>WriteCertTempFile.ps1</ScriptName>
<ScriptBody><Script>
Param ([string]$Certificate,[string]$TargetSystem)
$TempDir = [System.Environment]::ExpandEnvironmentVariables("%TEMP%")
$TargetDir = $TempDir + "\SCXCert\" +"$TargetSystem"
$TargetFile = $TargetDir + "\scx.pem"
If (!(Test-Path $TargetDir)){
New-Item $TargetDir -type directory
}
$Certificate|out-file $TargetFile -encoding ascii
</Script></ScriptBody>
<Parameters>
<Parameter>
<Name>Certificate</Name>
<Value>"$Data///certificate$"</Value>
</Parameter>
<Parameter>
<Name>TargetSystem</Name>
<Value>$Config/Host$</Value>
</Parameter>
</Parameters>
<TimeoutSeconds>300</TimeoutSeconds>
</WriteAction>
<!-- Step 4: upload the temp file written in step 3. The source path repeats the same Host-derived
     directory, so the path caveat on WriteFileWA applies here as well. No destination path is
     configured at this level; presumably the transfer module places the file under
     /tmp/scx-<user>/, which is where RestartAgentCommand reads it (confirm). -->
<WriteAction ID="SFTPPutCert" TypeID="Microsoft.Unix.SFTPTransfer.SecureTransfer.WriteAction">
<Host>$Config/Host$</Host>
<Port>$Config/Port$</Port>
<UserName>$Config/UserName$</UserName>
<Password>$Config/Password$</Password>
<SourceFile>%Temp%\SCXCert\$Config/Host$\scx.pem</SourceFile>
<TimeoutSeconds>$Config/TimeoutSeconds$</TimeoutSeconds>
</WriteAction>
<!-- Step 5: delete the local temp file, then its directory, each only when it exists.
     NOTE(review): this cleanup sits downstream of SFTPPutCert in the composition; confirm whether it
     still runs when the transfer fails, otherwise the temp file stays in %TEMP%\SCXCert. -->
<WriteAction ID="DeleteFileWA" TypeID="Windows!Microsoft.Windows.PowerShellWriteAction">
<ScriptName>DeleteCertTempFile.ps1</ScriptName>
<ScriptBody><Script>
Param ([string]$TargetSystem)
$TempDir = [System.Environment]::ExpandEnvironmentVariables("%TEMP%")
$TargetDir = $TempDir + "\SCXCert\" +"$TargetSystem"
$TargetFile = $TargetDir + "\scx.pem"
If (Test-Path $TargetFile){
Remove-item $TargetFile
}
If (Test-Path $TargetDir){
Remove-item $TargetDir
}
</Script></ScriptBody>
<Parameters>
<Parameter>
<Name>TargetSystem</Name>
<Value>$Config/Host$</Value>
</Parameter>
</Parameters>
<TimeoutSeconds>300</TimeoutSeconds>
</WriteAction>
<!-- Step 6: on the remote host, copy the uploaded certificate over the agent's scx.pem, remove the
     staging directory and restart the agent.
     NOTE(review): the three commands are joined with ";", so the staging directory is removed and the
     agent restarted even when the copy fails; a failed copy is therefore not visible from the restart alone.
     NOTE(review): /tmp/scx-@@user@@ is a predictable location under /tmp, and the file copied from it
     replaces the agent certificate. Confirm that the transfer module creates the directory with
     owner-only permissions and refuses a pre-existing directory or symlink it does not own.
     @@user@@ is presumably replaced with the login name by the SSH module (confirm). -->
<WriteAction ID="RestartAgentCommand" TypeID="Microsoft.Unix.SSHCommand.WriteAction">
<Host>$Config/Host$</Host>
<Port>$Config/Port$</Port>
<UserName>$Config/UserName$</UserName>
<Password>$Config/Password$</Password>
<Command>cp /tmp/scx-@@user@@/scx.pem /etc/opt/microsoft/scx/ssl/scx.pem; rm -rf /tmp/scx-@@user@@; /opt/microsoft/scx/bin/tools/scxadmin -restart</Command>
<TimeoutSeconds>$Config/TimeoutSeconds$</TimeoutSeconds>
</WriteAction>
</MemberModules>
<Composition>
<!-- Nesting is inside-out: SSHGetCertCommand runs first and each enclosing node consumes the output
     of the node it wraps, ending with RestartAgentCommand. -->
<Node ID="RestartAgentCommand">
<Node ID="DeleteFileWA">
<Node ID="SFTPPutCert">
<Node ID="WriteFileWA">
<Node ID="CertSign">
<Node ID="SSHGetCertCommand"/>
</Node>
</Node>
</Node>
</Node>
</Node>
</Composition>
</Composite>
</ModuleImplementation>
<OutputType>System!System.BaseData</OutputType>
<InputType>System!System.BaseData</InputType>
</WriteActionModuleType>