I've been trying for some time to find a way to retrieve output from certificates at our Cloud Classic resource.
We have a Cloud Management Gateway which stores certs in a Cloud Service. As a part of monitoring that i would like to find a way of pulling out that data with powershell.
Anyone have any experience with this? Haven't been able yet to find anything that works.
If you want to retrieve the certificate from the Azure cloud service, we can use the command Get-AzureCertificate
For example
create Run as account in azure automation account
Script
$ConnectionAssetName = "AzureClassicRunAsConnection"
# Authenticate to Azure with certificate
Write-Verbose "Get connection asset: $ConnectionAssetName" -Verbose
$Conn = Get-AutomationConnection -Name $ConnectionAssetName
if ($Conn -eq $null)
{
throw "Could not retrieve connection asset: $ConnectionAssetName. Assure that this asset exists in the Automation account."
}
$CertificateAssetName = $Conn.CertificateAssetName
Write-Verbose "Getting the certificate: $CertificateAssetName" -Verbose
$AzureCert = Get-AutomationCertificate -Name $CertificateAssetName
if ($AzureCert -eq $null)
{
throw "Could not retrieve certificate asset: $CertificateAssetName. Assure that this asset exists in the Automation account."
}
Write-Verbose "Authenticating to Azure with certificate." -Verbose
Set-AzureSubscription -SubscriptionName $Conn.SubscriptionName -SubscriptionId $Conn.SubscriptionID -Certificate $AzureCert
Select-AzureSubscription -SubscriptionId $Conn.SubscriptionID
$certs=Get-AzureCertificate -ServiceName testcloud05
foreach($cert in $certs){
$result=[System.Security.Cryptography.X509Certificates.X509Certificate2]([System.Convert]::FromBase64String($cert.Data))
$result.Subject
Get-Date $result.NotAfter -Format d
}
$ConnectionAssetName = "AzureClassicRunAsConnection"
# Authenticate to Azure with certificate
Write-Verbose "Get connection asset: $ConnectionAssetName" -Verbose
$Conn = Get-AutomationConnection -Name $ConnectionAssetName
if ($Conn -eq $null)
{
throw "Could not retrieve connection asset: $ConnectionAssetName. Assure that this asset exists in the Automation account."
}
$CertificateAssetName = $Conn.CertificateAssetName
Write-Verbose "Getting the certificate: $CertificateAssetName" -Verbose
$AzureCert = Get-AutomationCertificate -Name $CertificateAssetName
if ($AzureCert -eq $null)
{
throw "Could not retrieve certificate asset: $CertificateAssetName. Assure that this asset exists in the Automation account."
}
Write-Verbose "Authenticating to Azure with certificate." -Verbose
Set-AzureSubscription -SubscriptionName $Conn.SubscriptionName -SubscriptionId $Conn.SubscriptionID -Certificate $AzureCert
Select-AzureSubscription -SubscriptionId $Conn.SubscriptionID
$certs=Get-AzureCertificate -ServiceName "<your cloud service name>"
foreach($cert in $certs){
$result=[System.Security.Cryptography.X509Certificates.X509Certificate2]([System.Convert]::FromBase64String($cert.Data))
$result.Subject
Get-Date $result.NotAfter -Format d
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.