We have 20+ applications and have to update to a new certificate. To avoid having to do a new build and release of all of these applications, some of which haven't been updated for some time, I chose to create a PowerShell script to update all send ports on the fly.
The script does not stop or start host instances. This could easily be incorporated; check my other blog entry on starting and stopping host instances.
The script uses the BizTalk ExplorerOM to access the settings which means nothing extra needs to be installed on the BizTalk servers.
This script looks long because it includes so much confirmation in the way of output for testing before the final run. The real logic is only 8 lines, including 4 lines of variable declarations.
This example changes two thumbprints at once. It could easily be modified up or down.
When testing, comment out the last line to skip saving the updates. To just output the updates, comment out the row updating the original value and uncomment the No Update line.
Don't forget to change the connection string to point to the correct management database instance!
Blog software may force some line breaks - and I added one underscore (_) to indicate I broke the line there.
# Old and new thumbprints, written exactly as they appear in the send port settings
$oldClientCert  = "ee aa bb 11 22 33 44 55 66 77 88 99 00 ff dd cc ab cd ef 01"
$newClientCert  = "ne wt hu mb pr in tg oe si nh er e0 00 00 00 00 00 00 00 00"
$oldServiceCert = "aa bb cc dd ee ff 00 11 22 33 44 55 66 77 88 99 12 23 34 56"
$newServiceCert = "34 2a 15 53 3e 7d 6a 0c 51 20 e4 50 6b 53 df 72 84 55 aa 6a"

# Load ExplorerOM and connect to the BizTalk management database
[void] [System.reflection.Assembly]::LoadWithPartialName("Microsoft.BizTalk.ExplorerOM")
$Catalog = New-Object Microsoft.BizTalk.ExplorerOM.BtsCatalogExplorer
$Catalog.ConnectionString = "SERVER=DBINSTANCENAME;DATABASE=BizTalkMgmtDb;Integrated Security=SSPI"

#EnumerateSendPorts $Catalog

# Print one send port before the change, for comparison
$port = $catalog.SendPorts[1]
Write-host "B4 ----> " $port.PrimaryTransport.TransportTypeData

$catalog.SendPorts | % {
    # Line below replaces thumbprints - UPDATES ORIGINAL VALUE - BUT NO SAVE
    # (the trailing underscore only marks a line break added for the blog; delete it before running)
    $_.PrimaryTransport.TransportTypeData=_
    ($_.PrimaryTransport.TransportTypeData.Replace($oldServiceCert,$newServiceCert)).Replace($oldClientCert,$newClientCert);

    # Line below replaces thumbprints and prints out the new TransportTypeData string - NO UPDATE TO ORIGINAL VALUE
    #($_.PrimaryTransport.TransportTypeData.Replace($oldServiceCert,$newServiceCert)).Replace($oldClientCert,$newClientCert);
}

# Print the same send port after the change
$port = $catalog.SendPorts[1]
Write-host "After ----> " $port.PrimaryTransport.TransportTypeData

#No changes are saved until the following line is run
$Catalog.SaveChanges();
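The `.Replace()` calls in the script are case- and spacing-sensitive, so a port that stores the same thumbprint as `EEAABB...` instead of `ee aa bb ...` is silently left on the old certificate. The following is an added example, not part of the original script: a dry-run preview that matches thumbprints regardless of case and spacing and reports how many replacements each port would get. The function names and the sample port data are hypothetical; the sample strings are constructed stand-ins, not real TransportTypeData.

```powershell
# Added example, not from the original post; function names and sample data are hypothetical.
function ConvertTo-ThumbprintPattern {
    param([Parameter(Mandatory)][string]$Thumbprint)
    # Keep hex digits only: drops spaces and the invisible U+200E that a copy from
    # the certificate dialog can prepend. A SHA-1 thumbprint is 40 hex digits.
    $hex = $Thumbprint -replace '[^0-9A-Fa-f]', ''
    if ($hex.Length -ne 40) { throw "Not a 40-digit thumbprint: '$Thumbprint'" }
    # Case-insensitive, with optional whitespace between byte pairs.
    '(?i)' + (([regex]::Matches($hex, '..') | ForEach-Object { $_.Value }) -join '\s*')
}

function Get-ThumbprintUpdatePreview {
    param(
        [Parameter(Mandatory)][hashtable]$TransportData,  # port name -> TransportTypeData string
        [Parameter(Mandatory)][hashtable]$Map             # old thumbprint -> new thumbprint
    )
    foreach ($name in ($TransportData.Keys | Sort-Object)) {
        $after = $TransportData[$name]
        $hits  = 0
        foreach ($old in $Map.Keys) {
            $pattern = ConvertTo-ThumbprintPattern $old
            $null    = ConvertTo-ThumbprintPattern $Map[$old]   # reject placeholder or mistyped values
            $new     = $Map[$old] -replace '[^0-9A-Fa-f ]', ''  # hex and spaces only in the replacement
            $hits   += [regex]::Matches($after, $pattern).Count
            $after   = [regex]::Replace($after, $pattern, $new)
        }
        [pscustomobject]@{ Port = $name; Replacements = $hits; After = $after }
    }
}

# Constructed sample input: simplified stand-ins for TransportTypeData, not real adapter XML.
$sample = @{
    'Port.Spaced'  = '<Thumbprint>ee aa bb 11 22 33 44 55 66 77 88 99 00 ff dd cc ab cd ef 01</Thumbprint>'
    'Port.Compact' = '<Thumbprint>AABBCCDDEEFF0011223344556677889912233456</Thumbprint>'
    'Port.Other'   = '<Thumbprint>0102030405060708090a0b0c0d0e0f1011121314</Thumbprint>'
}
# Old thumbprints are the ones from the script above; the first new value is constructed.
$map = @{
    'ee aa bb 11 22 33 44 55 66 77 88 99 00 ff dd cc ab cd ef 01' = '11 22 33 44 55 66 77 88 99 00 aa bb cc dd ee ff 01 02 03 04'
    'aa bb cc dd ee ff 00 11 22 33 44 55 66 77 88 99 12 23 34 56' = '34 2a 15 53 3e 7d 6a 0c 51 20 e4 50 6b 53 df 72 84 55 aa 6a'
}
Get-ThumbprintUpdatePreview -TransportData $sample -Map $map | Format-List
```

To run it against a live group, build `$TransportData` from `$catalog.SendPorts` (port name to `PrimaryTransport.TransportTypeData`) and review the per-port counts before running the update and `SaveChanges()`.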