Fix cert export: use PFX instead of PEM for .NET Framework compat

ExportPkcs8PrivateKey() is only available in .NET Core 3.0+
but Windows PowerShell 5.1 uses .NET Framework 4.x.
Switch to PFX export which works on all Windows versions.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 10:02:27 +02:00
parent 60b44788fd
commit 69b3c417f1
2 changed files with 18 additions and 24 deletions
+10 -18
@@ -282,28 +282,20 @@ $localhostParams = @{
$localhostCert = New-SelfSignedCertificate @localhostParams
Write-Step "Localhost-Zertifikat erstellt: $($localhostCert.Thumbprint)"
# Zertifikat und Key als PEM exportieren (fuer Node.js)
# Zertifikat als PFX exportieren (fuer Node.js)
# PFX funktioniert auf allen Windows-Versionen (.NET Framework + .NET Core)
Write-Step "Exportiere Zertifikate fuer den Webserver ..."
# Zertifikat als PEM
$certPem = "-----BEGIN CERTIFICATE-----`n"
$certPem += [Convert]::ToBase64String($localhostCert.RawData, [Base64FormattingOptions]::InsertLineBreaks)
$certPem += "`n-----END CERTIFICATE-----"
Set-Content -Path (Join-Path $certDir "localhost.crt") -Value $certPem -Encoding ASCII
$pfxPassword = [guid]::NewGuid().ToString()
$pfxSecure = ConvertTo-SecureString -String $pfxPassword -Force -AsPlainText
$pfxPath = Join-Path $certDir "localhost.pfx"
# Private Key als PEM
# .PrivateKey ist bei signierten Zertifikaten oft null, daher GetRSAPrivateKey() verwenden
$rsaKey = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($localhostCert)
if (-not $rsaKey) {
Write-Err "Private Key konnte nicht gelesen werden."
exit 1
}
$keyBytes = $rsaKey.ExportPkcs8PrivateKey()
Export-PfxCertificate -Cert $localhostCert -FilePath $pfxPath -Password $pfxSecure | Out-Null
$keyPem = "-----BEGIN PRIVATE KEY-----`n"
$keyPem += [Convert]::ToBase64String($keyBytes, [Base64FormattingOptions]::InsertLineBreaks)
$keyPem += "`n-----END PRIVATE KEY-----"
Set-Content -Path (Join-Path $certDir "localhost.key") -Value $keyPem -Encoding ASCII
# Passwort in config speichern (wird vom Server gelesen)
Set-Content -Path (Join-Path $certDir "pfx-password.txt") -Value $pfxPassword -Encoding ASCII
Write-Step "PFX-Zertifikat exportiert."
# CA-Zertifikat exportieren (fuer Deinstallation)
$caCertPem = "-----BEGIN CERTIFICATE-----`n"
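Review bot: `pfx-password.txt` is written in clear text into the same `$certDir` as `localhost.pfx`, so the PFX password adds no protection for the private key; whoever can read that directory gets both. Nothing in the hunk restricts access to either file, so unless `$certDir` is locked down elsewhere in the script, its ACL should be limited to administrators and the account that runs the web server before the export happens. The password itself comes from `[guid]::NewGuid().ToString()`, which is designed to produce unique values rather than secrets; bytes from `[System.Security.Cryptography.RandomNumberGenerator]::Create()` would be the safer source. The removed code stopped with `exit 1` when the key could not be read, whereas the result of `Export-PfxCertificate ... | Out-Null` is not checked before `Write-Step "PFX-Zertifikat exportiert."` runs; adding `-ErrorAction Stop` to the export call would keep the fail-closed behaviour. The surrounding script begins and ends outside the hunk, so an error preference or ACL step set there cannot be ruled out.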