@gregjhogan
Created July 19, 2017 05:20
Set up service principal with self-signed certificate for authentication
# Fail on uninitialized variables and stop on the first error
Set-StrictMode -Version Latest
$ErrorActionPreference = "Stop"
# Interactive sign-in before any directory changes are made
Login-AzureRmAccount
$appId = Read-Host "Enter application ID of service principal"
# Resolve the AD application and its service principal
$adApp = (Get-AzureRmADApplication -ApplicationId $appId)[0]
$spnId = (Get-AzureRmADServicePrincipal -ServicePrincipalName $adApp.IdentifierUris[0])[0].ApplicationId.Guid
# The certificate and the credential both expire after one year
$endDate = (Get-Date).AddYears(1)
# Create the certificate in the current user's store; the key is marked exportable so it can be written out as a PFX below
$certSelfSigned = New-SelfSignedCertificate -Subject $spnId -CertStoreLocation Cert:\CurrentUser\My -NotAfter $endDate -KeyExportPolicy Exportable -Type CodeSigningCert -KeySpec Signature
# Only the public certificate (base64-encoded DER) is registered on the service principal
$publicKey = [System.Convert]::ToBase64String($certSelfSigned.GetRawCertData())
New-AzureRmADSpCredential -ServicePrincipalObjectId $spnId -CertValue $publicKey -EndDate $endDate
# TEST: Login-AzureRmAccount -ServicePrincipal -CertificateThumbprint $certSelfSigned.Thumbprint -ApplicationId $appId -TenantId <guid>
# Re-open the store, find the certificate by thumbprint, and export it with its private key as PKCS#12
$storeLocation = [Security.Cryptography.X509Certificates.StoreLocation]::CurrentUser
$storeName = [Security.Cryptography.X509Certificates.StoreName]::My
$store = New-Object -TypeName System.Security.Cryptography.X509Certificates.X509Store @($storeName, $storeLocation)
$store.Open([Security.Cryptography.X509Certificates.OpenFlags]::OpenExistingOnly)
$findType = [System.Security.Cryptography.X509Certificates.X509FindType]::FindByThumbprint
$cert = $store.Certificates.Find($findType, $certSelfSigned.Thumbprint, $false)
$pfxBlob = [System.Convert]::ToBase64String($cert.Export([Security.Cryptography.X509Certificates.X509ContentType]::Pkcs12))
$store.Close()
# The PFX blob contains the private key and is exported without a password: handle the output as a secret
"THUMBPRINT: $($certSelfSigned.Thumbprint)"
"PFX BLOB: `n$pfxBlob"
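
The script above prints the PFX blob with no password on the private key. As an added example (not part of the original gist), here is the same export protected with a password and checked by a round trip; the `CN=pfx-export-demo` certificate is a constructed throwaway, and `[type]::new()` assumes Windows PowerShell 5 or later.

```powershell
Set-StrictMode -Version Latest
$ErrorActionPreference = "Stop"

# Constructed throwaway certificate so this example runs on its own;
# with the gist's script you would use $certSelfSigned instead.
$demo = New-SelfSignedCertificate -Subject "CN=pfx-export-demo" `
    -CertStoreLocation Cert:\CurrentUser\My -NotAfter (Get-Date).AddDays(1) `
    -KeyExportPolicy Exportable -KeySpec Signature

try {
    # Read the password as a SecureString so it is not echoed to the console
    $pfxPassword = Read-Host "Password to protect the PFX" -AsSecureString
    if ($pfxPassword.Length -eq 0) { throw "An empty PFX password is not accepted" }

    # Export(X509ContentType, SecureString) protects the PKCS#12 with the password
    $pkcs12 = [Security.Cryptography.X509Certificates.X509ContentType]::Pkcs12
    $pfxBytes = $demo.Export($pkcs12, $pfxPassword)
    $pfxBlob = [System.Convert]::ToBase64String($pfxBytes)

    # Round trip: the blob must load with the password and still carry the private key
    $loaded = [Security.Cryptography.X509Certificates.X509Certificate2]::new(
        [System.Convert]::FromBase64String($pfxBlob), $pfxPassword)
    if ($loaded.Thumbprint -ne $demo.Thumbprint -or -not $loaded.HasPrivateKey) {
        throw "Exported PFX does not match the source certificate"
    }

    # With an empty password the same blob must be rejected
    $openedWithoutPassword = $true
    try {
        [void][Security.Cryptography.X509Certificates.X509Certificate2]::new(
            [System.Convert]::FromBase64String($pfxBlob), "")
    } catch {
        $openedWithoutPassword = $false
    }
    if ($openedWithoutPassword) { throw "PFX opened without its password" }

    "THUMBPRINT: $($demo.Thumbprint)"
    "PFX BLOB (password protected): `n$pfxBlob"
}
finally {
    # Remove the demo certificate from the store
    Remove-Item -Path "Cert:\CurrentUser\My\$($demo.Thumbprint)"
}
```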