
Azure PowerShell Retrieve Cloud Classic Certificates

I've been trying for some time to find a way to retrieve output from certificates at our Cloud Classic resource.

We have a Cloud Management Gateway which stores certs in a Cloud Service. As a part of monitoring that, I would like to find a way of pulling out that data with PowerShell.

Anyone have any experience with this? Haven't been able yet to find anything that works.

If you want to retrieve the certificate from the Azure cloud service, we can use the command Get-AzureCertificate.

For example:

  1. Create a Run As account in the Azure Automation account

  2. Script

$ConnectionAssetName = "AzureClassicRunAsConnection"

# Authenticate to Azure with certificate
Write-Verbose "Get connection asset: $ConnectionAssetName" -Verbose
$Conn = Get-AutomationConnection -Name $ConnectionAssetName
if ($null -eq $Conn)
{
    throw "Could not retrieve connection asset: $ConnectionAssetName. Assure that this asset exists in the Automation account."
}

$CertificateAssetName = $Conn.CertificateAssetName
Write-Verbose "Getting the certificate: $CertificateAssetName" -Verbose
$AzureCert = Get-AutomationCertificate -Name $CertificateAssetName
if ($null -eq $AzureCert)
{
    throw "Could not retrieve certificate asset: $CertificateAssetName. Assure that this asset exists in the Automation account."
}

Write-Verbose "Authenticating to Azure with certificate." -Verbose
Set-AzureSubscription -SubscriptionName $Conn.SubscriptionName -SubscriptionId $Conn.SubscriptionID -Certificate $AzureCert 
Select-AzureSubscription -SubscriptionId $Conn.SubscriptionID

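# List the certificates uploaded to the cloud service
$certs = Get-AzureCertificate -ServiceName "<your cloud service name>"

foreach ($cert in $certs) {
    # Data holds the Base64-encoded certificate; decode it and load it as an X509Certificate2
    $result = [System.Security.Cryptography.X509Certificates.X509Certificate2]([System.Convert]::FromBase64String($cert.Data))
    $result.Subject
    # Expiry date in short date format
    Get-Date $result.NotAfter -Format d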
}
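
For the monitoring use case in the question, the decoded certificates can be turned into expiry records. The following is an added example, not part of the original answer: the function name `Get-CertificateExpiryReport`, its parameters and the status labels are hypothetical, and the sample input is a constructed self-signed certificate so the block runs offline. It assumes PowerShell 7, or Windows PowerShell 5.1 on .NET Framework 4.7.2 or later.

```powershell
function Get-CertificateExpiryReport {
    [CmdletBinding()]
    param(
        # Objects with a Base64 .Data property, as used in the script above
        [Parameter(Mandatory, ValueFromPipeline)]
        [object[]]$Certificate,
        [int]$WarningDays = 30,
        [datetime]$Now = (Get-Date)
    )
    process {
        foreach ($c in $Certificate) {
            try {
                $bytes = [System.Convert]::FromBase64String($c.Data)
                $x509 = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($bytes)
            }
            catch {
                # A malformed entry must not abort the whole monitoring run
                Write-Warning "Skipping entry that is not a valid certificate: $($_.Exception.Message)"
                continue
            }
            $daysLeft = [int][math]::Floor(($x509.NotAfter - $Now).TotalDays)
            [pscustomobject]@{
                Subject    = $x509.Subject
                Thumbprint = $x509.Thumbprint
                NotAfter   = $x509.NotAfter
                DaysLeft   = $daysLeft
                Status     = if ($daysLeft -lt 0) { 'Expired' }
                             elseif ($daysLeft -le $WarningDays) { 'ExpiringSoon' }
                             else { 'OK' }
            }
        }
    }
}

# Constructed sample input: a throwaway self-signed certificate valid for 10 more days
$rsa = [System.Security.Cryptography.RSA]::Create(2048)
$req = [System.Security.Cryptography.X509Certificates.CertificateRequest]::new('CN=constructed-sample',
    $rsa,
    [System.Security.Cryptography.HashAlgorithmName]::SHA256,
    [System.Security.Cryptography.RSASignaturePadding]::Pkcs1)
$utc = [DateTimeOffset]::UtcNow
$sample = $req.CreateSelfSigned($utc.AddDays(-1), $utc.AddDays(10))
$der = $sample.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Cert)
$good = [pscustomobject]@{ Data = [System.Convert]::ToBase64String($der) }
$bad = [pscustomobject]@{ Data = 'not-base64!' }   # constructed malformed entry
$good, $bad | Get-CertificateExpiryReport -WarningDays 30
```

In the runbook, the same function can take the real data with `Get-AzureCertificate -ServiceName "<your cloud service name>" | Get-CertificateExpiryReport`, and the `Status` column can drive an alert.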
