cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Problem uploading PFX cert to Azure Automation account (now password prompt)

Jeremy Bradshaw
Steel Contributor

‎Sep 11 2020 08:21 AM

‎Sep 11 2020 08:21 AM

Problem uploading PFX cert to Azure Automation account (now password prompt)

Wondering if anyone knows the secret solution for this:  In Azure Portal, while under an Automation Account > Certificates > Add a certificate, I can successfully browse to and upload my PFX certificate, but there is nowhere for me to enter its password.

Screenshot of Azure Portal with no box for the passwordScreenshot of Azure Portal with no box for the password

I've tried the Edge browser (modern one), then tried IE, where I chose to download the new preview Azure Portal app, and the behavior is the same in there.  It's as though this is a broken thing and there is no mention of it on the internet...  Surely I'm not the only one trying to upload PFX certs into an Azure Automation account.  Hopefully somebody knows a solution?

2,987 Views
0 Likes
2 Replies
Reply
2 Replies
best response confirmed by Jeremy Bradshaw (Steel Contributor)
hspinto

‎Sep 13 2020 10:04 AM

‎Sep 13 2020 10:04 AM

Solution

Re: Problem uploading PFX cert to Azure Automation account (now password prompt)

@Jeremy Bradshaw 

 

AFAIK, there isn't any issue with the Certificate upload UI in Azure Automation. Once you select a valid PFX file, the UI adds automatically two fields, being one them the password field, as you can see by the screenshot below. Are you sure the PFX was correctly generated? See below a sample PowerShell that generates a valid PFX.

 

$Cert = New-SelfSignedCertificate -DnsName "CertificateName" -CertStoreLocation cert:\LocalMachine\My -KeyExportPolicy Exportable -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -NotAfter (Get-Date).AddMonths(12) -HashAlgorithm SHA256

$CertPassword = ConvertTo-SecureString $PfxCertPlainPassword -AsPlainText -Force
Export-PfxCertificate -Cert ("Cert:\localmachine\my\" + $Cert.Thumbprint) -FilePath $certPath -Password $CertPassword -Force | Write-Verbose

 

Captura de ecrã 2020-09-13 180325.jpg

 

0 Likes
Reply
Jeremy Bradshaw

‎Sep 14 2020 05:16 AM

‎Sep 14 2020 05:16 AM

Re: Problem uploading PFX cert to Azure Automation account (now password prompt)

@hspinto Thanks for your help.  I am unable to reproduce my issue today using the same exact steps as last time.  The best I can think of is that my PFX password had an invalid character as I've seen a few posts on Stack Overflow about that issue.  I thought for sure I tested with a very basic password.

 

After I tested successfully using a PFX generated using your code, I got to comparing my code and then the two generated certs, both essentially identical.  If you'd like to spot my code, it is the last/3rd function in this module within my GitHub PowerShell repo:  https://github.com/JeremyTBradshaw/PowerShell/blob/master/.Modules/msGraphFunctions.psm1

 

One thing I'm going to do is take away my Subject parameter and replace it with a validation-backed DnsName parameter.  That's because I have a feeling maybe the subject was part of the issue, so I'll just let that generate based on my supplying the DnsName parameter instead.

0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by Jeremy Bradshaw (Steel Contributor)
hspinto

‎Sep 13 2020 10:04 AM

‎Sep 13 2020 10:04 AM

Solution

Re: Problem uploading PFX cert to Azure Automation account (now password prompt)

@Jeremy Bradshaw 

 

AFAIK, there isn't any issue with the Certificate upload UI in Azure Automation. Once you select a valid PFX file, the UI adds automatically two fields, being one them the password field, as you can see by the screenshot below. Are you sure the PFX was correctly generated? See below a sample PowerShell that generates a valid PFX.

 

$Cert = New-SelfSignedCertificate -DnsName "CertificateName" -CertStoreLocation cert:\LocalMachine\My -KeyExportPolicy Exportable -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" -NotAfter (Get-Date).AddMonths(12) -HashAlgorithm SHA256

$CertPassword = ConvertTo-SecureString $PfxCertPlainPassword -AsPlainText -Force
Export-PfxCertificate -Cert ("Cert:\localmachine\my\" + $Cert.Thumbprint) -FilePath $certPath -Password $CertPassword -Force | Write-Verbose

 

Captura de ecrã 2020-09-13 180325.jpg

 

View solution in original post

0 Likes
Reply