Remove-TppCertificate needs to updated

[jmeldrum76]

Hi,

Remove-TppCertificate works as you have it designed; however, The Venafi DELETE Certificates/{guid} API not only deletes the certificate but also removes the application/device objects as long as there are not additional child objects.

From Document:

"The Application object, associated with the certificate, has no children or only Generational Credential children after the Certificate object is deleted. "

This would be really helpful and would make this function way more useful.

Thanks again for your consideration.

Regards,

Jeremy Meldrum

[gdbarron]

Hey Jeremy, thanks for your post. I might just be having one of those days, and with my day job schedule lately I wouldn't be surprised, but I'm not following what the suggestion is. Remove-TppCertificate already uses that api. Could you please explain a bit more? Interesting though, now that I re-read through all this, it sounds as if -Force doesn't provide any additional functionality. I wonder if this changed in the api at some point.

[gdbarron]

@jmeldrum76, just following up. Thanks.

[jmeldrum76]

Hi Greg, Justin pinged me to comment. Sorry for the lat response.

If you use the native API it deletes the Certificate and the Device and application when there are no more than one associated application. when I use your command it deletes the certificate but orphans the application and device.

Let me know if that makes sense.

Thanks,

Jeremy Meldrum

[gdbarron]

Thanks, @jmeldrum76, that does make sense. Remove-TppCertificate removes the certificate by default and if there are multiple associations, gives you the option of still removing the certificate by removing the associations ahead of time with -Force. The module isn't just a wrapper for the API, but tries to add some additional logic/functionality. I could see adding an option to remove all associated objects in addition to the cert.

Just so I understand the history and can make an informed decision on how to proceed, could you explain why DELETE Certificates/{guid} works the way it does? Why delete the app/device if only 1 association?

[gdbarron]

@jmeldrum76 just following up, thanks. Including @BeardedPrincess as well.

[wilddev65]

Hey @jmeldrum76 just an FYI, I will look at this as part of some work I'm doing for a customer and figure out a solution.

[jmeldrum76]

Perfect! From: Chris Lyttle ***@***.***> Sent: Tuesday, January 4, 2022 1:56 PM To: Venafi/VenafiPS ***@***.***> Cc: Jeremy Meldrum ***@***.***>; Mention ***@***.***> Subject: Re: [Venafi/VenafiPS] Remove-TppCertificate needs to updated (#4) Hey @jmeldrum76 [github.com]<https://urldefense.com/v3/__https:/github.com/jmeldrum76__;!!Ati4tGle!9xLEMrPboSP6HqFKlv6NH6nwenNPzow_B_nZPrN9qrpCx_YFGwOyVUReenquR6y-D3aA$> just an FYI, I will look at this as part of some work I'm doing for a customer and figure out a solution. — Reply to this email directly, view it on GitHub [github.com]<https://urldefense.com/v3/__https:/github.com/Venafi/VenafiPS/issues/4*issuecomment-1005163852__;Iw!!Ati4tGle!9xLEMrPboSP6HqFKlv6NH6nwenNPzow_B_nZPrN9qrpCx_YFGwOyVUReenquR9BEiQki$>, or unsubscribe [github.com]<https://urldefense.com/v3/__https:/github.com/notifications/unsubscribe-auth/AFB65JB4SWTKNBZGFCIE3RDUUNNFRANCNFSM44F7CRFA__;!!Ati4tGle!9xLEMrPboSP6HqFKlv6NH6nwenNPzow_B_nZPrN9qrpCx_YFGwOyVUReenquR5Ky3rsd$>. Triage notifications on the go with GitHub Mobile for iOS [apps.apple.com]<https://urldefense.com/v3/__https:/apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675__;!!Ati4tGle!9xLEMrPboSP6HqFKlv6NH6nwenNPzow_B_nZPrN9qrpCx_YFGwOyVUReenquRwdK_g_r$> or Android [play.google.com]<https://urldefense.com/v3/__https:/play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign*3Dnotification-email*26utm_medium*3Demail*26utm_source*3Dgithub__;JSUlJSU!!Ati4tGle!9xLEMrPboSP6HqFKlv6NH6nwenNPzow_B_nZPrN9qrpCx_YFGwOyVUReenquR8M-3-ks$>. You are receiving this because you were mentioned.Message ID: ***@***.******@***.***>>