kfosaaen · October 18, 2024 15:55
diff --git a/MatchPFXCertToAppRegistration.ps1 b/MatchPFXCertToAppRegistration.ps1
 <#
  This is some simple PowerShell that uses the authenticated Az PowerShell functions to query Entra ID for Service Principal certificates to match them to a thumbprint.
  Delete the "-Password $mypwd" if the PFX file doesn't have a password on it.
  This is convenient for when you have access to a PFX file, but don't know which App Registration uses it.
 #>

 # Change "$PWD\testCertificate.pfx" to point to your PFX file
 $pfxThumb = ((Get-PfxData "$PWD\testCertificate.pfx" -Password $mypwd).EndEntityCertificates).Thumbprint

 # Iterate through each application, find their certificates, and compare the thumbprint to yours
 Get-AzADApplication | ForEach-Object{
 	$appTempId = $_.AppId
 	$appTempName = $_.DisplayName
 	$_ | Get-AzADAppCredential | where CustomKeyIdentifier | ForEach-Object{ if([System.Convert]::ToBase64String($_.CustomKeyIdentifier) -EQ $pfxThumb){ $appTempId; $appTempName}}
 }
	<#
	This is some simple PowerShell that uses the authenticated Az PowerShell functions to query Entra ID for Service Principal certificates to match them to a thumbprint.
	Delete the "-Password $mypwd" if the PFX file doesn't have a password on it.
	This is convenient for when you have access to a PFX file, but don't know which App Registration uses it.
	#>

	# Change "$PWD\testCertificate.pfx" to point to your PFX file
	$pfxThumb = ((Get-PfxData "$PWD\testCertificate.pfx" -Password $mypwd).EndEntityCertificates).Thumbprint

	# Iterate through each application, find their certificates, and compare the thumbprint to yours
	Get-AzADApplication \| ForEach-Object{
	$appTempId = $_.AppId
	$appTempName = $_.DisplayName
	$_ \| Get-AzADAppCredential \| where CustomKeyIdentifier \| ForEach-Object{ if([System.Convert]::ToBase64String($_.CustomKeyIdentifier) -EQ $pfxThumb){ $appTempId; $appTempName}}
	}