How to Install PFX Certificate on NetScaler

September 8, 2014 ~ Anton Khitrenovich ~ Leave a comment

OpenSSL From time to time I have to create a new virtual server on my NetScaler box, along with a new SSL certificate. Recent NetScaler versions provide you an easy option to create a test certificate with one click, but at some point you will need a real certificate there. In may cases the certificate you have is in FPX (aka PKCS#12) format, while NetScaler requires certificate and key pair in PEM or DES format. Solving this puzzle may not be so easy.

Fortunately, NetScaler itself comes with embedded OpenSSL support, and the following steps will help you handle certificate installation task even without deep OpenSSL knowledge.

root@ns1#
root@ns1# pwd
/nsconfig/ssl
root@ns1# ls my-test*
my-test.pfx
root@ns1# openssl pkcs12 -nokeys -in my-test.pfx -out my-test.cert
Enter Import Password:
MAC verified OK
root@ns1# openssl pkcs12 -nocerts -nodes -in my-test.pfx -out my-test.key
Enter Import Password:
MAC verified OK
root@ns1# ls my-test*
my-test.cert    my-test.key     my-test.pfx
root@ns1#
root@ns1#

Pay attention to the highlighted lines above – those are the commands that create certificate and keys files respectively. Continue reading “How to Install PFX Certificate on NetScaler” →

Windows Azure PowerShell

May 11, 2014 ~ Anton Khitrenovich ~ 1 Comment

Windows Azure PowerShell is a module that provides cmdlets to manage Azure through Windows PowerShell.

Here you can find an official documentation on how to install and configure Azure PowerShell. But in a nutshell, there are two simple steps.

Step 1:
Download and run Microsoft Web Platform installer, which will guide you through the Windows Azure PowerShell installation. The process is a bit lengthy and includes some heavy Microsoft components, such as IIS Express and SQL Server Express. Note that a system restart may (will?) be required during the installation, so prepare accordingly.

Step 2:
Open Azure PowerShell and configure it to use your Azure account, as explained in the documentation.
Two methods are available – via your Azure credentials (with session available for the next 12 hours) and certificate-based. The former did not work in my case, resulting in some strange error, so I had no choice but to go with certificates option. Surprisingly, the setup went extremely easy. First, download your settings file with Get-AzurePublishSettingsFile cmdlet. Second, import the resulting file with Import-AzurePublishSettingsFile cmdlet and delete the file from the local system.

The sources for Microsoft Azure PowerShell cmdlets are available on GitHub, as well as the changelog.

How to check MSI version in PowerShell

January 22, 2014January 22, 2014 ~ Anton Khitrenovich ~ 2 Comments

It appears that checking MSI version in PowerShell is much less trivial than checking DLL version. Yet, the following script can do it for you. Most of the credits for the script go to this StackOverflow question.

###############################################################
# Name:         GetMsiVersion.ps1
# Description:  Prints out MSI installer version
# Usage:        GetMsiVersion.ps1 <path to MSI>
# Credits:      http://stackoverflow.com/q/8743122/383673
###############################################################
param (
    [IO.FileInfo] $MSI
)

if (!(Test-Path $MSI.FullName)) {
    throw "File '{0}' does not exist" -f $MSI.FullName
}

try {
    $windowsInstaller = New-Object -com WindowsInstaller.Installer
    $database = $windowsInstaller.GetType().InvokeMember(
        "OpenDatabase", "InvokeMethod", $Null,
        $windowsInstaller, @($MSI.FullName, 0)
    )

    $q = "SELECT Value FROM Property WHERE Property = 'ProductVersion'"
    $View = $database.GetType().InvokeMember(
        "OpenView", "InvokeMethod", $Null, $database, ($q)
    )

    $View.GetType().InvokeMember("Execute", "InvokeMethod", $Null, $View, $Null)
    $record = $View.GetType().InvokeMember( "Fetch", "InvokeMethod", $Null, $View, $Null )
    $version = $record.GetType().InvokeMember( "StringData", "GetProperty", $Null, $record, 1 )

    return $version
} catch {
    throw "Failed to get MSI file version: {0}." -f $_
}

Here is the execution sample:

C:\>powershell -ExecutionPolicy bypass -File GetMsiVersion.ps1 "C:\Program Files (x86)\Google\Update\1.3.21.79\GoogleUpdateHelper.msi"
1.3.21.79

C:\>

Enjoy!

How to check DLL version in PowerShell

January 22, 2014January 22, 2014 ~ Anton Khitrenovich ~ 2 Comments

Checking DLL version in PowerShell is extremely easy.

Here is the script that does it for you. Note that the real code fits in a single line (lines 17-18, I just split it out for readability). Other 20+ lines are dedicated to script header, input validation and exception handling.

###############################################################
# Name:         GetDllVersion.ps1
# Description:  Prints out DLL version
# Usage:        GetDllVersion.ps1 <path to DLL>
# Author:       Anton Khitrenovich, Jan 2014
###############################################################
param(
    [string]$DLL
)

if (!(Test-Path $DLL)) {
    throw "File '{0}' does not exist" -f $DLL
}

try {
    $version =
        Get-ChildItem $DLL | Select-Object -ExpandProperty VersionInfo |
            Select-Object FileVersion | Select-Object -ExpandProperty FileVersion

    return $version
} catch {
    throw "Failed to get DLL file version: {0}." -f $_
}

Here is the execution sample:

C:\>powershell -ExecutionPolicy bypass -File C:\GetDllVersion.ps1 "C:\Program Files\Java\jre7\bin\java.dll"
7.0.250.17

C:\>

Enjoy!

How to run PowerShell script from Ant

January 22, 2014January 22, 2014 ~ Anton Khitrenovich ~ 2 Comments

Yesterday I was looking for a good recipe of how to run PowerShell script from Ant build file. Unfortunately, it seems that most of the people are looking for an advise on exactly the opposite – how to run Ant from PowerShell. So, I did some trial and error on my own, and here are the results.

The following Ant snippet executes PowerShell script MyScript.ps1 in the current directory and verifies that it did not fail. The result of the script execution is stored in myscript.out property.

<exec dir="." executable="powershell" timeout="5000" failonerror="true"
        outputproperty="myscript.out" errorproperty="myscript.error">
    <arg line="-ExecutionPolicy bypass" />
    <arg line="-File MyScript.ps1" />
</exec>
<if>
    <not>
        <equals arg1="${myscript.error}" arg2="" trim="true" />
    </not>
    <then>
        <fail message="${myscript.error}" />
    </then>
</if>

The main caveat here is the error checking. Despite the failonerror flag, the exec task will not fail in case of many errors – like compilation issues, missing parameters and other runtime errors. This happens because the task verifies invocation of PowerShell itself and not the script execution, which is handled inside PowerShell. The solution is to capture error stream into dedicated property and verify that nothing was actually written there.

Pay attention that if tag (lines 6-13) requires ant-contrib tasks library available. The same condition may be rewritten in less readable form with pure Ant:

<fail message="${myscript.error}">
    <condition>
        <not>
            <equals arg1="${myscript.error}" arg2="" trim="true" />
        </not>
    </condition>
</fail>

Another note is the bypass of default execution policy on line 3. This is not specific to Ant, but rather to PowerShell in general. There are a lot of discussions on the net about the topic, so I won’t cover it here.