0
我已爲我的DSC Web拉取服務器(由我的內部CA頒發)創建了一個域證書並檢索了指紋。
我從inetmgr中導出了證書,並將其安裝在pull server(本地機器和用戶)上。
然後,我將指紋放在CertificateThumbprint參數的腳本中。所需的狀態配置HTTPS不起作用
但是,當我重新運行配置腳本來生成新的MOF並重新啓動DSC配置時,我仍然只能通過http而不是https訪問該站點。
當我嘗試使用https導航到拉服務器站點時,我收到TLS警告。 (我的Windows Server 2016年,PS版5.1)
乾杯
編輯:
下面是裏面的指紋產生財政部腳本。
configuration CreatePullServer
{
param
(
[string[]]$ComputerName = 'localhost'
)
Import-DSCResource -ModuleName xPSDesiredStateConfiguration
Import-DscResource -ModuleName PSDesiredStateConfiguration
Node $ComputerName
{
WindowsFeature DSCServiceFeature
{
Ensure = "Present"
Name = "DSC-Service"
}
xDSCWebService PSDSCPullServer
{
Ensure = "Present"
EndpointName = "PSDSCPullServer"
AcceptSelfSignedCertificates = $true
Port = 8080
PhysicalPath = "$env:SystemDrive\inetpub\wwwroot\PSDSCPullServer"
CertificateThumbPrint = '881B26142BABAFEF7490FB1CD48EA1D572628087'
ModulePath = "$env:PROGRAMFILES\WindowsPowerShell\DscService\Modules"
ConfigurationPath = "$env:PROGRAMFILES\WindowsPowerShell\DscService\Configuration"
State = "Started"
UseSecurityBestPractices = $True
DependsOn = "[WindowsFeature]DSCServiceFeature"
}
xDscWebService PSDSCComplianceServer
{
Ensure = "Present"
EndpointName = "PSDSCComplianceServer"
Port = 9080
PhysicalPath = "$env:SystemDrive\inetpub\wwwroot\PSDSCComplianceServer"
CertificateThumbPrint = 'AllowUnencryptedTraffic'
State = "Started"
UseSecurityBestPractices = $True
DependsOn = ("[WindowsFeature]DSCServiceFeature","[xDSCWebService]PSDSCPullServer")
}
}
}
CreatePullServer -ComputerName pullsrv01 -verbose
And here is an image of the TLS message when I try to navigate to the https site
SO不是腳本編寫服務。請提供您自己的代碼示例 - 以及您收到的錯誤消息。由於你遇到的問題是更多的配置相關,我也認爲Serverfault是這個問題的更好的平臺。 – bluuf
感謝您的建議,我現在修改了這個問題。我也會在Serverfault上發佈。乾杯! –