WebAdministrationDsc 4.2.1 bug WebSite/DSC_WebBindingInformation/CertificateSubject -multi-line cert won't work

[quillypowers]

Problem description

In version 4.1.0 (and previous) I could specify my bindings to use a cert like below by just setting: CertificateSubject ='CN=My.Snazzy.cert.com' with a certificate that looks like below and everything was fine. SUBJECT: CN = My.Snazzy.cert.com O = Some place S = VA C = US But in 4.2.1 I get an error that it cannot find the certificate because it evaluates *most, but not all of the subject CN=My.Snazzy.cert.com, O=Some place

Verbose logs

I don't really have time to pull all this, it just cannot find the cert by subject due to additional lines in the cert subject.  If I use a cert that has nothing suffixed to it or is just "CN = My.Snazzy.cert.com", it still works fine.

DSC configuration

SslCert          = "CN=My.Snazzy.cert.com"

DSC_WebBindingInformation 
            {
                Protocol              = 'HTTPS'
                Port                  = 443
                CertificateSubject    = $Node.SslCert
                CertificateStoreName  = 'MY'
                IPAddress             = $IpBinding
            }

Suggested solution

Roll back cert subject compare piece

Operating system the target node is running

Windows Server 2019

PowerShell version and build the target node is running

5.1

WebAdministrationDsc version

4.2.1

[krishult]

We ran into same issue. Both in My Store and WebHosting store.

Error logged was just it unable to validate bindings because it couldn't find the cert:

[[WebSite]DirectResourceAccess] Looking for certificate in Store 'WebHosting' using filter '(($_.Subject -eq $Subject) -and (((Get-Date) -le $_.NotAfter) -and ((Get-Date) -ge $_.NotBefore)))'. (DRC0047)"},

[[WebSite]DirectResourceAccess] Unable to validate BindingInfo: \"The Subject \"CN=<cert subject>\" provided is not found on this host in store \"WebHosting\"\"."},

Was only able to resolve by going back to 4.1.0