Cannot use certificate secret value stored in Key Vault in Azure Resource Template

I am trying to deploy an Azure HDInsight Spark template using Visual Studio. The HDInsight cluster accesses a Data Lake, and for Data Lake Storage I have created a service principal with a certificate. I have stored the certificate in Azure Vault as a secret and am trying to access it in my Azure Resource Manager template. However, it is throwing the following error: "Service Principal Details are invalid". I have downloaded the certificate from a running cluster and there is nothing wrong with the certificate. I always use this certificate to create clusters through the Portal.

"reference": {
  "keyVault": {
    "id": "/subscriptions/e3f93473-xxx/resourceGroups/Production/providers/Microsoft.KeyVault/vaults/myvault"
  },
  "secretName": "certificateNew"
}

I had the same problem and managed to solve it by using the PowerShell command on this page to convert the PFX certificate to a Base-64 string value. I then uploaded the string value to a secret in Key Vault.

# Replace the quoted placeholder with the path to the service principal's PFX file.
$servicePrincipalCertificateBase64 = [System.Convert]::ToBase64String([System.IO.File]::ReadAllBytes("path-to-servicePrincipalCertificatePfxFile"))

There are several scripts available on GitHub that convert a PFX to Base-64 and upload it to a Key Vault that you specify. I tried some of them, but somehow they converted to a format that caused problems while deploying the ARM template. The method I mentioned solved the problem in my case.
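
The following is an added example, not part of the original question or answer: it uploads the Base-64 string with the Az.KeyVault cmdlets and then reads the secret back to confirm that it decodes to exactly the same PFX bytes, which catches the kind of format mismatch the answer mentions before the template is deployed. It assumes the Az.KeyVault module, a session already signed in with Connect-AzAccount, and the vault and secret names shown in the question; the PFX path is a placeholder.

```powershell
# Added example. Assumes Az.KeyVault is installed and Connect-AzAccount has been run.
$vaultName  = 'myvault'          # vault name as shown in the question
$secretName = 'certificateNew'   # secret name as shown in the question
$pfxPath    = 'path-to-servicePrincipalCertificatePfxFile'   # placeholder

# Resolve to a full path first: .NET file APIs do not follow PowerShell's current location.
$pfxBytes  = [System.IO.File]::ReadAllBytes((Resolve-Path $pfxPath).Path)
# One unbroken Base-64 string: no line wrapping, no PEM headers, no byte-order mark.
$pfxBase64 = [System.Convert]::ToBase64String($pfxBytes)

# Upload directly from memory so the encoded private key is never written to disk.
$secure = ConvertTo-SecureString -String $pfxBase64 -AsPlainText -Force
Set-AzKeyVaultSecret -VaultName $vaultName -Name $secretName -SecretValue $secure | Out-Null

# Read the secret back (-AsPlainText needs a recent Az.KeyVault) and validate its format.
$stored = Get-AzKeyVaultSecret -VaultName $vaultName -Name $secretName -AsPlainText
if ($stored -match '\s') {
    throw 'Stored secret contains whitespace or line breaks.'
}
try {
    $storedBytes = [System.Convert]::FromBase64String($stored)
} catch {
    throw 'Stored secret is not valid Base-64.'
}

# Compare SHA-256 digests of the local PFX and the decoded secret.
$sha = [System.Security.Cryptography.SHA256]::Create()
try {
    $localHash  = [System.BitConverter]::ToString($sha.ComputeHash($pfxBytes))
    $storedHash = [System.BitConverter]::ToString($sha.ComputeHash($storedBytes))
} finally {
    $sha.Dispose()
}
if ($localHash -ne $storedHash) {
    throw 'Stored secret does not decode to the original PFX bytes.'
}
Write-Output "Secret '$secretName' round-trips to the original PFX ($($pfxBytes.Length) bytes)."

# Drop the plaintext copies of the key material from the session.
Remove-Variable pfxBase64, stored, pfxBytes, storedBytes
```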
