Unable to test Signing key rotation

Copper Contributor

I am new to Microsoft graph and trying to rotate the Signingkey using the PowerShell commands given in the documentation at:

https://learn.microsoft.com/en-us/entra/identity-platform/signing-key-rollover#how-to-perform-a-manu... 

 

Update-MsIdApplicationSigningKeyThumbprint -ApplicationId <ApplicationId> -KeyThumbprint <PreviousKeyThumbprint>

 

This above command fails with the following error message:

 

 

Find-MgGraphCommand : 'Get-MgServicePrincipal' is not a valid Microsoft Graph PowerShell command. Please check the name and 
try again.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.48\MSIdentityTools.psm1:2165 char:35
+ ... gCommands = Find-MgGraphCommand -Command $CommandName -ApiVersion $Ap ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Find-MgGraphCommand
 
Cannot index into a null array.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.48\MSIdentityTools.psm1:2167 char:13
+             $MgCommand = $MgCommands[0]
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : NullArray
 
The property 'Count' cannot be found on this object. Verify that the property exists.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.48\MSIdentityTools.psm1:2168 char:17
+             if ($MgCommands.Count -gt 1) {
+                 ~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], PropertyNotFoundException
    + FullyQualifiedErrorId : PropertyNotFoundStrict
 
The property 'Command' cannot be found on this object. Verify that the property exists.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.48\MSIdentityTools.psm1:2184 char:13
+             $MgCommandLookup[$MgCommand.Command] = $MgCommand
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], PropertyNotFoundException
    + FullyQualifiedErrorId : PropertyNotFoundStrict
 
Find-MgGraphCommand : 'Update-MgServicePrincipal' is not a valid Microsoft Graph PowerShell command. Please check the name 
and try again.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.48\MSIdentityTools.psm1:2165 char:35
+ ... gCommands = Find-MgGraphCommand -Command $CommandName -ApiVersion $Ap ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [Write-Error], WriteErrorException
    + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Find-MgGraphCommand
 
Cannot index into a null array.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.48\MSIdentityTools.psm1:2167 char:13
+             $MgCommand = $MgCommands[0]
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : NullArray
 
The property 'Count' cannot be found on this object. Verify that the property exists.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.48\MSIdentityTools.psm1:2168 char:17
+             if ($MgCommands.Count -gt 1) {
+                 ~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], PropertyNotFoundException
    + FullyQualifiedErrorId : PropertyNotFoundStrict
 
The property 'Command' cannot be found on this object. Verify that the property exists.
At C:\Program Files\WindowsPowerShell\Modules\MSIdentityTools\2.0.48\MSIdentityTools.psm1:2184 char:13
+             $MgCommandLookup[$MgCommand.Command] = $MgCommand
+             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], PropertyNotFoundException
    + FullyQualifiedErrorId : PropertyNotFoundStrict

 


Can anyone please help?

This used to work till a week or two back but now it's not working.  Not sure what changed (I have all rights to the tenant and applications in it and can't figure out any change). 

Other commands in the documentation like the following works fine. 

Get-MsIdSigningKeyThumbprint -Latest -DownloadPath <DownloadFolderPath> 

 

 

We are in a dire situation to test this it's impacting our delivery for an urgent issue with a customer. 

 

Any suggestion or fix is highly appreciated. 

 

 

 

 

3 Replies

@bctest2105 I am also encountering this issue.  Did you find a way around it?

For anyone else who encounters this issue, I ended up going to the source and running the bits I needed myself.

https://github.com/AzureAD/MSIdentityTools/blob/main/src/Update-MsIdApplicationSigningKeyThumbprint....
<a href="www.google.com">thanks</a>