When no password file can be found for certificate, it tries uploading anyways and breaks HTTPS of ArcGIS Server

[BrendanEsri]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request

Module Version

• 4.0.0

Affected Resource(s)

• ArcGIS_Server

Configuration Files

....
		{
			"NodeName": "MACHINE NAME",
			"Role": [
				"Server",
				"SQLServerClient",
				"DataStore"
			],
			"DataStoreTypes": [
				"Relational",
				"TileCache"
			],
			"SslCertificates": [{
				"Path": "C:\\Software\\Certificates\\CERT.pfx",
				"PasswordFilePath": "C:\\Software\\Passwords\\PWFILE.txt",
				"CNameFQDN": "MACHINE NAME",
				"SslRootOrIntermediate": [{
						"Alias": "ROOT",
						"Path": "C:\\Software\\Certificates\\ROOT.cer"
					},
					{
						"Alias": "INTER",
						"Path": "C:\\Software\\Certificates\\INTER.cer"
					},
					{
						"Alias": "ROOT2",
						"Path": "C:\\Software\\Certificates\\ROOT2.cer"
					},
					{
						"Alias": "INTER2",
						"Path": "C:\\Software\\Certificates\\INTER2.cer"
					}
				],
				"Target": [
					"Server",
					"DataStore"
				]
			}]
		},
....

Expected Behavior

Script should cancel out when there it cannot find a pw file

Actual Behavior

it continues to try to upload the cert with no password file

Steps to Reproduce

Important Factoids

run powershell dsc script against arcgis server and reference a pw file for a cert that doesn't exist but provide a cert that does exist

References

[cameronkroeker]

Hi @BrendanEsri,

This issue has been addressed in v4.2.1.

https://github.com/Esri/arcgis-powershell-dsc/releases/tag/v4.2.1

The module will now fail with an error message when the encrypted password file does not exist. For example the service account password file:

Invoke-ArcGISConfiguration .\my.json -DebugSwitch -EnableMSILogging -Mode Install

Password file C:\serviceaccount.txt does not exist.

At C:\Program Files\WindowsPowerShell\Modules\ArcGIS\ArcGIS.psm1:419 char:13
+             throw "Password file $($Object.PasswordFilePath) does not ...
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OperationStopped: (Password file C...does not exist.:String) [], RuntimeException
    + FullyQualifiedErrorId : Password file C:\serviceaccount.txt does not exist.

Another example of when a ssl certificate password file does not exist:

ArcGISLicense - Completed

Password file C:\sslcertificatepass.txt does not exist.

At C:\Program Files\WindowsPowerShell\Modules\ArcGIS\ArcGIS.psm1:419 char:13
+             throw "Password file $($Object.PasswordFilePath) does not ...
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OperationStopped: (Password file C...does not exist.:String) [], RuntimeException
    + FullyQualifiedErrorId : Password file C:\sslcertificatepass.txt does not exist.

This applies to all password files.

Thanks,
Cameron K.