|
| 1 | +<# |
| 2 | + .SYNOPSIS |
| 3 | + Adds an SSL certificate binding for SQL Server Reporting Services. |
| 4 | +
|
| 5 | + .DESCRIPTION |
| 6 | + Adds an SSL certificate binding for SQL Server Reporting Services or |
| 7 | + Power BI Report Server by calling the `CreateSSLCertificateBinding` |
| 8 | + method on the `MSReportServer_ConfigurationSetting` CIM instance. |
| 9 | +
|
| 10 | + This command binds an SSL certificate to a specific application, |
| 11 | + IP address, and port for the Reporting Services instance. URL reservations |
| 12 | + must be set prior for the specified application to determine if the TLS/SSL |
| 13 | + certificate binding is valid. |
| 14 | +
|
| 15 | + The configuration CIM instance can be obtained using the |
| 16 | + `Get-SqlDscRSConfiguration` command and passed via the pipeline. |
| 17 | +
|
| 18 | + .PARAMETER Configuration |
| 19 | + Specifies the `MSReportServer_ConfigurationSetting` CIM instance for |
| 20 | + the Reporting Services instance. This can be obtained using the |
| 21 | + `Get-SqlDscRSConfiguration` command. This parameter accepts pipeline |
| 22 | + input. |
| 23 | +
|
| 24 | + .PARAMETER Application |
| 25 | + Specifies the application for which to create the SSL binding. |
| 26 | + Valid values are: |
| 27 | + - 'ReportServerWebService': The Report Server Web Service. |
| 28 | + - 'ReportServerWebApp': The Reports web application (SQL Server 2016+). |
| 29 | + - 'ReportManager': The Report Manager (SQL Server 2014 and earlier). |
| 30 | +
|
| 31 | + .PARAMETER CertificateHash |
| 32 | + Specifies the thumbprint (hash) of the SSL certificate to bind. |
| 33 | + The certificate must be installed in the local machine certificate |
| 34 | + store. |
| 35 | +
|
| 36 | + .PARAMETER IPAddress |
| 37 | + Specifies the IP address for the SSL binding. Use '0.0.0.0' to bind |
| 38 | + to all IP addresses. Default value is '0.0.0.0'. |
| 39 | +
|
| 40 | + .PARAMETER Port |
| 41 | + Specifies the port number for the SSL binding. Default value is 443. |
| 42 | +
|
| 43 | + .PARAMETER Lcid |
| 44 | + Specifies the language code identifier (LCID) for the operation. |
| 45 | + If not specified, defaults to the operating system language. Common |
| 46 | + values include 1033 for English (US). |
| 47 | +
|
| 48 | + .PARAMETER PassThru |
| 49 | + If specified, returns the configuration CIM instance after adding |
| 50 | + the SSL certificate binding. |
| 51 | +
|
| 52 | + .PARAMETER Force |
| 53 | + If specified, suppresses the confirmation prompt. |
| 54 | +
|
| 55 | + .EXAMPLE |
| 56 | + Get-SqlDscRSConfiguration -InstanceName 'SSRS' | Add-SqlDscRSSslCertificateBinding -Application 'ReportServerWebService' -CertificateHash 'A1B2C3D4E5F6...' |
| 57 | +
|
| 58 | + Adds an SSL certificate binding for the Report Server Web Service |
| 59 | + using the default IP address (0.0.0.0) and port (443). |
| 60 | +
|
| 61 | + .EXAMPLE |
| 62 | + $config = Get-SqlDscRSConfiguration -InstanceName 'SSRS' |
| 63 | + Add-SqlDscRSSslCertificateBinding -Configuration $config -Application 'ReportServerWebApp' -CertificateHash 'A1B2C3D4E5F6...' -Port 8443 -Confirm:$false |
| 64 | +
|
| 65 | + Adds an SSL certificate binding on port 8443 without confirmation. |
| 66 | +
|
| 67 | + .EXAMPLE |
| 68 | + Get-SqlDscRSConfiguration -InstanceName 'SSRS' | Add-SqlDscRSSslCertificateBinding -Application 'ReportServerWebService' -CertificateHash 'A1B2C3D4E5F6...' -PassThru |
| 69 | +
|
| 70 | + Adds the SSL binding and returns the configuration CIM instance. |
| 71 | +
|
| 72 | + .INPUTS |
| 73 | + `Microsoft.Management.Infrastructure.CimInstance` |
| 74 | +
|
| 75 | + Accepts MSReportServer_ConfigurationSetting CIM instance via pipeline. |
| 76 | +
|
| 77 | + .OUTPUTS |
| 78 | + None. By default, this command does not generate any output. |
| 79 | +
|
| 80 | + .OUTPUTS |
| 81 | + `Microsoft.Management.Infrastructure.CimInstance` |
| 82 | +
|
| 83 | + When PassThru is specified, returns the MSReportServer_ConfigurationSetting |
| 84 | + CIM instance. |
| 85 | +
|
| 86 | + .NOTES |
| 87 | + The Reporting Services service may need to be restarted for the change |
| 88 | + to take effect. |
| 89 | +
|
| 90 | + .LINK |
| 91 | + https://docs.microsoft.com/en-us/sql/reporting-services/wmi-provider-library-reference/configurationsetting-method-createsslcertificatebinding |
| 92 | +#> |
| 93 | +function Add-SqlDscRSSslCertificateBinding |
| 94 | +{ |
| 95 | + [System.Diagnostics.CodeAnalysis.SuppressMessageAttribute('UseSyntacticallyCorrectExamples', '', Justification = 'Because the examples use pipeline input the rule cannot validate.')] |
| 96 | + [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'Medium')] |
| 97 | + [OutputType([System.Object])] |
| 98 | + param |
| 99 | + ( |
| 100 | + [Parameter(Mandatory = $true, ValueFromPipeline = $true)] |
| 101 | + [System.Object] |
| 102 | + $Configuration, |
| 103 | + |
| 104 | + [Parameter(Mandatory = $true)] |
| 105 | + [ValidateSet('ReportServerWebService', 'ReportServerWebApp', 'ReportManager')] |
| 106 | + [System.String] |
| 107 | + $Application, |
| 108 | + |
| 109 | + [Parameter(Mandatory = $true)] |
| 110 | + [System.String] |
| 111 | + $CertificateHash, |
| 112 | + |
| 113 | + [Parameter()] |
| 114 | + [System.String] |
| 115 | + $IPAddress = '0.0.0.0', |
| 116 | + |
| 117 | + [Parameter()] |
| 118 | + [System.Int32] |
| 119 | + $Port = 443, |
| 120 | + |
| 121 | + [Parameter()] |
| 122 | + [System.Int32] |
| 123 | + $Lcid, |
| 124 | + |
| 125 | + [Parameter()] |
| 126 | + [System.Management.Automation.SwitchParameter] |
| 127 | + $PassThru, |
| 128 | + |
| 129 | + [Parameter()] |
| 130 | + [System.Management.Automation.SwitchParameter] |
| 131 | + $Force |
| 132 | + ) |
| 133 | + |
| 134 | + process |
| 135 | + { |
| 136 | + if ($Force.IsPresent -and -not $Confirm) |
| 137 | + { |
| 138 | + $ConfirmPreference = 'None' |
| 139 | + } |
| 140 | + |
| 141 | + $instanceName = $Configuration.InstanceName |
| 142 | + |
| 143 | + if (-not $PSBoundParameters.ContainsKey('Lcid')) |
| 144 | + { |
| 145 | + $Lcid = (Get-OperatingSystem).OSLanguage |
| 146 | + } |
| 147 | + |
| 148 | + Write-Verbose -Message ($script:localizedData.Add_SqlDscRSSslCertificateBinding_Adding -f $CertificateHash, $Application, $instanceName) |
| 149 | + |
| 150 | + $descriptionMessage = $script:localizedData.Add_SqlDscRSSslCertificateBinding_ShouldProcessDescription -f $CertificateHash, $Application, $instanceName |
| 151 | + $confirmationMessage = $script:localizedData.Add_SqlDscRSSslCertificateBinding_ShouldProcessConfirmation -f $CertificateHash, $Application |
| 152 | + $captionMessage = $script:localizedData.Add_SqlDscRSSslCertificateBinding_ShouldProcessCaption |
| 153 | + |
| 154 | + if ($PSCmdlet.ShouldProcess($descriptionMessage, $confirmationMessage, $captionMessage)) |
| 155 | + { |
| 156 | + $invokeRsCimMethodParameters = @{ |
| 157 | + CimInstance = $Configuration |
| 158 | + MethodName = 'CreateSSLCertificateBinding' |
| 159 | + Arguments = @{ |
| 160 | + Application = $Application |
| 161 | + CertificateHash = $CertificateHash.ToLower() |
| 162 | + IPAddress = $IPAddress |
| 163 | + Port = $Port |
| 164 | + Lcid = $Lcid |
| 165 | + } |
| 166 | + } |
| 167 | + |
| 168 | + try |
| 169 | + { |
| 170 | + $null = Invoke-RsCimMethod @invokeRsCimMethodParameters -ErrorAction 'Stop' |
| 171 | + } |
| 172 | + catch |
| 173 | + { |
| 174 | + $PSCmdlet.ThrowTerminatingError( |
| 175 | + [System.Management.Automation.ErrorRecord]::new( |
| 176 | + ($script:localizedData.Add_SqlDscRSSslCertificateBinding_FailedToAdd -f $instanceName, $_.Exception.Message), |
| 177 | + 'ASRSSCB0001', |
| 178 | + [System.Management.Automation.ErrorCategory]::InvalidOperation, |
| 179 | + $Configuration |
| 180 | + ) |
| 181 | + ) |
| 182 | + } |
| 183 | + } |
| 184 | + |
| 185 | + if ($PassThru.IsPresent) |
| 186 | + { |
| 187 | + return $Configuration |
| 188 | + } |
| 189 | + } |
| 190 | +} |
0 commit comments