There is a typo at the switch where it adds the parameters to call Unprotect-Data. The Value ByCertificae should be ByCertificate
Switch ($PSCmdlet.ParameterSetName) {
'ByCertificae' { $UnprotectDataParams.Add('Certificate', $Certificate)}
'ByPassword' { $UnprotectDataParams.Add('Password', $Password) }
}Line 110
Because of that the Parameter Certificate is never added. This results in Unprotect-Data to determine the required Certificate by its automation which searches the following locations:
Cert:\CurrentUser\My
Cert:\LocalMachine\My
This results in irittating behavior where you can decrypt a secret with an command like this:
Unprotect-Datum -Base64Data $encCredential -Certificate ' '
There is a typo at the switch where it adds the parameters to call Unprotect-Data. The Value
ByCertificaeshould beByCertificateLine 110
Because of that the Parameter
Certificateis never added. This results in Unprotect-Data to determine the required Certificate by its automation which searches the following locations:Cert:\CurrentUser\MyCert:\LocalMachine\MyThis results in irittating behavior where you can decrypt a secret with an command like this: