1E 8.1 (on-premises)

Attempting to make a connection to a Tachyon server over SSL with NTLM authentication does not work. This is a known issue with PowerShell Core but it’s not clear if Microsoft have any plans to address it.

If you are unable to load the toolkit module with import-module, check that the two files match in case, they should be:

On Windows, filenames are not case-sensitive, but if the case doesn’t match exactly as shown on Linux, you cannot load the toolkit module.

Linux does not have a certificate store that works the way it does on Windows. However, the .NET environment under Linux does emulate the Windows certificate store. It does so by storing certificates in a folder tree whose structure is not specified - you should never interact directly with the files. However, the System.Security.Cryptography.X509Certificates namespace does support certificate storage and retrieval operations that function pretty much as they would in a Windows environment.

This includes all the core cryptographic operations that are required by platform-neutral authentication.

However, PowerShell on Linux does not support the certificate store as a virtual drive (that is, prefixed with cert:). This means that you have to call the underlying .NET assemblies to interact with the certificate store. Once you have retrieved an X509Certificate, all remaining operations work the same on that certificate.

Version 1.1.32 and later of the PowerShell toolkit transparently interact with the certificate store on Linux by detecting the OS that the toolkit is running on.

PowerShell on Linux does not support the new-selfsignedcertificate cmdlet (or the other certificate management cmdlets) but there is a downloadable .NET utility that can be used to import .PFX files into the .NET certificate store on Linux. For more information, see medium.com/gsoft-tech/certificates-in-net-core-on-linux-and-docker-29b3d5f09cd6.

To get this utility installed, you must install the .NET SDK on the Linux target to ensure that the required support components are available. This is separate from installing PowerShell Core, which only bundles the .NET runtime components it relies on.

The set-tachyonserver cmdlet will operate exactly as it does in Windows environments, but you can only connect to a Tachyon server running platform-neutral authentication. (Or probably basic authentication, either directly or via the Tachyon proxy.)

You can authenticate interactively, or by supplying an -AppId and -CertSubject or -CertThumbprint parameter to use a signed JWT, just as you do in the Windows environment.

You can also request a Tachyon platform token using the get-tachyonplatformtoken cmdlet. The platform token certificate must be in the cert store to do this.

The tool mentioned earlier has a command line option to do this. Additionally, the get-tachyoncertificatethumbprint cmdlet in the PS toolkit does operate in the Linux environment. You would normally specify CurrentUser\My as the certificate store rather than LocalMachine\My when using this cmdlet.