Trust Server Certificate Switch

[mattmcnabb]

I've been using a modified version of Invoke-SqlCmd2 with an added switch -TrustServerCertificate for cases where the cert returned is not in the local trusted store. Generally I've used this for testing with a self-signed cert. Do you see any value in adding this to Invoke-SqlCmd2?

$FormatValues = $SQLInstance,$Database,$Credential.UserName,$Credential.GetNetworkCredential().Password,$ConnectionTimeout,$Encrypt,$TrustServerCertificate
$ConnectionString = "Server={0};Database={1};User ID={2};Password=`"{3}`";Trusted_Connection=False;Connect Timeout={4};Encrypt={5};TrustServerCertificate={6}" -f $FormatValues

[alevyinroc]

@mattmcnabb I have basic support for adding this parameter to the connection string in my branch https://github.com/alevyinroc/Invoke-SqlCmd2/tree/Fix-009

When my previous PR is approved & merged into master, I can do a PR to get that change merged in as well. I don't have a good way to test this at the moment though.

@RamblingCookieMonster can you please assign to me?

[mbourgon]

Howdy, @alevyinroc , did this ever get rolled in? I'm looking at the current version, and I don't see the trustservercertificate code in there, though obviously it's in yours. Just wondering if I need to just use the version in Fix-009 instead. Thanks!

[alevyinroc]

@mbourgon It has not. I honestly had forgotten about this, it's been over 5 years now. I suspect most if not all of this module's functionality has been consumed into dbatools's Invoke-DbaQuery, making this obsolete.

[mbourgon]

Not terribly surprised, but wanted to make sure.

Honestly, we have servers that get the bare minimum done to them. Patched, migrated when the OS falls out of extended support, and that’s it. This code has been a lifesaver over the years because it has zero dependencies on anything else. So I’m still able to use it on pretty much any server in our environment without any installs or Change Requests or restarts. I’ll use this one, then. Thanks!