From 86186f38873cd0596810eb3f377d1f9e1b64238b Mon Sep 17 00:00:00 2001 From: James Ruskin Date: Thu, 5 Feb 2026 12:01:29 +0000 Subject: [PATCH 1/2] (maint) Rename MyCertificate to Certificate Switching variable name in order to match other code style. --- Start-C4bCcmSetup.ps1 | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/Start-C4bCcmSetup.ps1 b/Start-C4bCcmSetup.ps1 index 3fb453b..904c0dd 100644 --- a/Start-C4bCcmSetup.ps1 +++ b/Start-C4bCcmSetup.ps1 @@ -51,7 +51,7 @@ param( } ) ) -process { +try { $DefaultEap = $ErrorActionPreference $ErrorActionPreference = 'Stop' Start-Transcript -Path "$env:SystemDrive\choco-setup\logs\Start-C4bCcmSetup-$(Get-Date -Format 'yyyyMMdd-HHmmss').txt" @@ -165,17 +165,18 @@ process { Write-Warning "You specified $Thumbprint for use with CCM service, but the certificate is not in the required LocalMachine\TrustedPeople store!" Write-Warning "Please place certificate with thumbprint: $Thumbprint in the LocalMachine\TrustedPeople store and re-run this step" throw "Certificate not in correct location... exiting." - } elseif ($MyCertificate = Get-Item Cert:\LocalMachine\My\$Thumbprint -EA 0) { + } elseif ($Certificate = Get-Item Cert:\LocalMachine\My\$Thumbprint -EA 0) { Write-Verbose "Copying certificate from 'Personal' store to 'TrustedPeople'" - Copy-CertToStore $MyCertificate + Copy-CertToStore $Certificate } else { Write-Verbose "Certificate has been successfully found in correct store" } $chocoArgs += @("--package-parameters='/CertificateThumbprint=$Thumbprint'") } & Invoke-Choco @chocoArgs - - if (-not $MyCertificate) { $MyCertificate = Get-Item Cert:\LocalMachine\My\* } + + # If not specified, the installation will have generated a certificate + if (-not $Certificate) { $Certificate = Get-Item Cert:\LocalMachine\My\* } Write-Host "Installing Chocolatey Central Management Website" $chocoArgs = @('install', 'chocolatey-management-web', "--source='ChocolateyInternal'", '-y', "--package-parameters-sensitive=""'/ConnectionString:Server=Localhost\SQLEXPRESS;Database=ChocolateyManagement;User ID=$DatabaseUser;Password=$DatabaseUserPw;'""", '--no-progress') @@ -215,12 +216,12 @@ process { # Set a default value for TrustCertificate if we're using a self-signed cert '(?\s+\$TrustCertificate)(?\s*=\s*\$true)?(?,)?(?!\))' = "`${Parameter}$( - if (Test-SelfSignedCertificate -Certificate $MyCertificate) {' = $true'} + if (Test-SelfSignedCertificate -Certificate $Certificate) {' = $true'} )`${Comma}" } # Create the site hosting the certificate import script on port 80 - if ($MyCertificate.NotAfter -gt (Get-Date).AddYears(5)) { + if ($Certificate.NotAfter -gt (Get-Date).AddYears(5)) { .\scripts\New-IISCertificateHost.ps1 } @@ -265,7 +266,7 @@ process { } Write-Host "Chocolatey Central Management Setup has now completed" -ForegroundColor Green - +} finally { $ErrorActionPreference = $DefaultEap Stop-Transcript } \ No newline at end of file From efa47f938bfcdb3171a4cd91f02e21b0011a7122 Mon Sep 17 00:00:00 2001 From: James Ruskin Date: Thu, 5 Feb 2026 12:11:23 +0000 Subject: [PATCH 2/2] (#312) Fixes Self-Signed Misidentification In some circumstances, environments were being identified as using a self-signed certificate incorrectly. I believe this was down to $MyCertificate not being set. This change should fix those scenarios. --- Start-C4bCcmSetup.ps1 | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/Start-C4bCcmSetup.ps1 b/Start-C4bCcmSetup.ps1 index 904c0dd..3d3d186 100644 --- a/Start-C4bCcmSetup.ps1 +++ b/Start-C4bCcmSetup.ps1 @@ -170,13 +170,14 @@ try { Copy-CertToStore $Certificate } else { Write-Verbose "Certificate has been successfully found in correct store" + $Certificate = Get-Item Cert:\LocalMachine\TrustedPeople\$Thumbprint } $chocoArgs += @("--package-parameters='/CertificateThumbprint=$Thumbprint'") } & Invoke-Choco @chocoArgs # If not specified, the installation will have generated a certificate - if (-not $Certificate) { $Certificate = Get-Item Cert:\LocalMachine\My\* } + if (-not $Certificate) { $Certificate = Get-Item Cert:\LocalMachine\TrustedPeople\* } Write-Host "Installing Chocolatey Central Management Website" $chocoArgs = @('install', 'chocolatey-management-web', "--source='ChocolateyInternal'", '-y', "--package-parameters-sensitive=""'/ConnectionString:Server=Localhost\SQLEXPRESS;Database=ChocolateyManagement;User ID=$DatabaseUser;Password=$DatabaseUserPw;'""", '--no-progress')