This interesting article gives some background details on some of the problems I ran into after upgrading my DSC dev machine to WMF 5.0 10586. This is because in WMF5.0 the DSC credential encryption mechanism was converted to use Protect/Unprotect-CMSMessage. It clears up a lot of things for me and is a worthwhile read if you’re using DSC credential encryption on WMF5.0.
Windows PowerShell V5, due out sometime in 2015, sports a number of new features: OneGet, PowerShell Get, enhanced DSC, ConvertFrom-String, support for authoring classes in PowerShell script, Compress/Expand-Archive, support for creating symbolic links, hard links and junctions, etc.
One of the more obscure but useful features is the support for cryptographically protecting messages as documented in the IETF standard RFC5652. This involves the creation of a certificate which I will show you how to do. You can then protect and unprotect messages using that certificate. However, where it gets interesting is when you export a public certificate from the original certificate. You can give the public certificate to anybody and they can use that to encrypt (protect) a message. That message cannot not unencrypted (unprotected) by anyone except the individual that holds the original certificate. The original certificate contains both the public and private key. It is the private…
View original post 855 more words