-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unable to extract myCertificate.p12 file into pem via suggested commands in README #15946
Comments
Hi @jcroma, thanks for creating this issue! I'll take a look shortly, and will let you know what I find |
@jcroma looking into this, because you are importing a PEM certificate, when you download it the certificate will already be in PEM format so there will be no need to convert it. The instructions in the README refer to certificates which were created using keyvault (which by default uses pfx certificates) rather than imported into keyvault already in PEM format. You can verify this for me by opening If you see something like
It is already a PEM certificate. You may not see both private and certificate sections. If you see something else - let me know! I'll be interested in understanding your scenario better.
Hope this helps! Feel free to reach out with any updates |
Hi @maorleger thanks for fast answer.
in .p12 file. I thought this command mayby separate them.
|
Good morning! I tried the steps you listed but was successful in creating, importing, exporting, and decoding the certificate. For context, here's what I did:
At that point, I was able to run the following code snippet successfully: const { SecretClient } = require("@azure/keyvault-secrets");
const { DefaultAzureCredential } = require("@azure/identity");
const dotenv = require("dotenv");
const fs = require("fs");
dotenv.config();
async function main() {
const secretClient = new SecretClient(process.env.KEYVAULT_URI!, new DefaultAzureCredential());
const certificateSecret = await secretClient.getSecret("capfx");
const PKCS12Certificate = certificateSecret.value!;
fs.writeFileSync("capfx.pfx", PKCS12Certificate);
console.log("downloaded to capfx.pfx");
}
main()
.then(() => console.log("done"))
.catch(console.error); Finally, now that I have the pfx file I can see that it is base64 encoded. But the following steps worked for me:
And successfully view the certificate in pem format. Given that I verified the steps worked successfully, I am going to close this issue. I hope the snippet above helps! Unfortunately I am far from a openssl expert, but I can do my best to help. If you have a complete repro of the issue please send me exact steps along with minimal repro and I can investigate further. Thank you for reaching out - hope the above is helpful! |
Fix S360 bugs for swagger FSPG 2020-02-14-preview, 2021-06-01-preview and 2021-06-01 APIs (Azure#15946) * Changed FSPG RestartParameter.failoverMode from string to enum for API 2021-06-01, 2021-06-01-preview, and 2021-06-15-privatepreview * Change enum first letter to lower case * Change to upper case * Fix S360 bugs for swagger FSPG 2020-02-14-preview, 2021-06-01-preview and 2021-06-01 APIs
Dev sql microsoft.sql 2021 05 01 preview release (Azure#16289) * add base for Microsoft.sql * Update Readme.md * update version in swagger example files * remove ss * update swagger files * update readme.md * add missing json files * update custom-words.txt to address the spelling check * remove 201 define in ServerUpdate.json * Sync sql 2021 05 01 with main branch (Azure#16236) * Update comment.yml for publish pr (Azure#16166) * Update comment.yml * Update comment.yml * Bump dependencies (Azure#16170) * bump avocado * bump mocha * remove submodule (Azure#16171) * add azure-resource-manager-schema to servicelinker (Azure#16176) Co-authored-by: Nan Jiang <naji@microsoft.com> * Update pr assignment config (Azure#16175) * [Synapse] - fix scheme for Artifacts and update readme to include KQL scripts for October release (Azure#16035) * [Synapse] - fix scheme for Notebook, Spark Job definition and SQL script * Update dataset, linked service and pipeline * Update release tag for october release * Correct type of result limit * Add arguments for SynapseSparkJobActivityTypeProperties Co-authored-by: Dongwei Wang <dongwwa@microsoft.com> * fix (Azure#16164) Merging the change to have accurate Swagger * Remove requirement of identity field in the request for TURN. (Azure#15966) * Remove requirement of identity field in the request. * Update PR * Address comment * change api version in readme for sdk release (Azure#16187) * Add blockchain to latest profile * Add additional types * api version change Co-authored-by: Mark Cowlishaw <markcowl@microsoft.com> Co-authored-by: Ping Zhu <pizh@Pings-MacBook-Pro.local> * [Search] Rename types for better SDK code (Azure#16039) * Rename types for better SDK code * Rename Speller and Captions search options * Reorder parameters to have consistency across APIs * Remove 'SearchIndexer' prefix from projection selectors Remove 'global' prefix from default flags on custom entities * Change enum name AdlsGen2->AzureDataLakeStorageGen2 Change property name storageContainer->storageContainerName * move additional .NET SDK renames to the REST spec * Revert changes in KnowledgeStore which has GAed * Revert changes in CustomEntityLookupSkill which has GAed * Revert changes in SIKSBlobProjectionSelector which has GAed * Revert changes in SearchIndexerDataSourceType which has GAed * Rename ignoreResetRequirements->skipIndexerResetRequirementForCache * fix validStreamingUnits (Azure#16143) Co-authored-by: Roslyn Lu <roslu@microsoft.com> * Fix schemas readme files (Azure#16207) * Fix schemas readme files * fix ref * add resourcemanager in module-name (Azure#16206) * add resourcemanager in module-name * add go track2 repo in readme.md * fix * Minor description update for createorupdate & update slot (Azure#15457) * add scmMinTlsVersion * modify description for createorupdate & update slot for all API versions Co-authored-by: Edwin Diaz <eddiazme@microsoft.com> * [Hub Generated] Review request for Microsoft.Security to add version preview/2021-08-01-preview (Azure#16096) * Adds base for updating Microsoft.Security from version stable/2021-07-01 to version 2021-08-01-preview * Updates readme * Updates API version in new specs and examples * First pass at Microsoft.Security/standards for review/preview * Addressing Round-1 feedback, adding missing descriptions and changing scoping to match ProxyResource type * First pass for Microsoft.Security\standardComponents * Changes to fix a typo in an example spec * Added Microsoft.Security/standardAssignments * Fix naming convention issue * Removed types based on Hila's feedback * Changes to data model for both API calls * Fix example errors and typos * Add systemData to Microsoft.Security/standards * Changes to fix systemData linting * un-nest systemData fields in examples * More systemData placement * Naming convention name to assignments from standardAssignment * Additional example added * Changes to address descriptive comments on field types * Add systemData readOnly * prettier-fix against examples * Cleaned types to ref standard v2 common-types entry similar to securityForIoT * Re-added v2 folder? * Missed a change here? * Cleanup of v2 type completely, updated readme.md * Adds suppression to readme * Adds suppression to readme * Change modification to suppress operations linting Co-authored-by: Adam Holliday <adamho@microsoft.com> * Yifanzhou/api version change (Azure#16191) * remove Catalog * update 2021-05-01-preview * delete 2021-09-01 * Update readme.md * Update purviewcatalog.json * change read-only property (Azure#16209) Co-authored-by: Parv Saxena <pasaxena@microsoft.com> * Update account.json - make CollectionReferece type writable (Azure#16208) * Update account.json Updating the CollectionReference to be writeable to unblock the customers. * Update account.json Need the default set in the client SDK * Fixed an event name typo in its description. (Azure#16227) * Introduce new API version for Microsoft.ProviderHub 2021-09-01-preview (Azure#15723) * Introduce new API version for Microsoft.ProviderHub 2021-09-01-preview * Add PrivateResourceProviderConfigurations * Add PrivateRP examples * Fix enum type. * Fix enum again * Prettier * Fix prettier error * Add readme.md + prettier * Fix * Fix avocado error * Modify interface * Fix issue * Make it private preview * Remove private RP changes * Update SKU settings Co-authored-by: REDMOND\lakshv <lakshv@microsoft.com> Co-authored-by: He Huang <47040595+hjhhh3000vitae@users.noreply.github.com> * fluidrelay_readme_config (Azure#16192) fluidrelay_readme_config * Add community gallery proxy resource (Azure#16043) * [Hub Generated] Public private branch 'dev-storagecache-Microsoft.StorageCache-2021-09-01' (Azure#16152) * Adds base for updating Microsoft.StorageCache from version stable/2021-05-01 to version 2021-09-01 * Updates readme * Updates API version in new specs and examples * 2021-09-01 API * Fix LintDiff Co-authored-by: rebecca337 <80353400+rebecca337@users.noreply.github.com> Co-authored-by: Rebecca Dupuis <rdupuis@microsoft.com> * Fix S360 bugs for swagger FSPG 2020-02-14-preview, 2021-06-01-preview and 2021-06-01 APIs (Azure#15946) * Changed FSPG RestartParameter.failoverMode from string to enum for API 2021-06-01, 2021-06-01-preview, and 2021-06-15-privatepreview * Change enum first letter to lower case * Change to upper case * Fix S360 bugs for swagger FSPG 2020-02-14-preview, 2021-06-01-preview and 2021-06-01 APIs * Add email reminder when PR makes changes in Synapse (Azure#16116) * add email reminder to synapse * fix for comment * ServiceBus add batch tag (Azure#16229) * add code owner to synapse (Azure#16230) * [Datafactory] Power Query model changes for multiple queries (Azure#16158) * [Synapse] Add release tag for management SDK Oct. release (Azure#16213) * update release tag * fix for avocado Co-authored-by: Tianen <347142915@qq.com> Co-authored-by: Zhenglai Zhang <darinzh@microsoft.com> Co-authored-by: Lei Ni <7233663+leni-msft@users.noreply.github.com> Co-authored-by: najian <jiangnan8924@gmail.com> Co-authored-by: Nan Jiang <naji@microsoft.com> Co-authored-by: Ray Chen <raychen@microsoft.com> Co-authored-by: Dongwei Wang <bean0idear@163.com> Co-authored-by: Dongwei Wang <dongwwa@microsoft.com> Co-authored-by: msyyc <70930885+msyyc@users.noreply.github.com> Co-authored-by: AriZavala2 <77034370+AriZavala2@users.noreply.github.com> Co-authored-by: PingZhu2232 <36140352+PingZhu2232@users.noreply.github.com> Co-authored-by: Mark Cowlishaw <markcowl@microsoft.com> Co-authored-by: Ping Zhu <pizh@Pings-MacBook-Pro.local> Co-authored-by: Mohit Chakraborty <8271806+Mohit-Chakraborty@users.noreply.github.com> Co-authored-by: Roslyn Lu <roslyn.lu@gmail.com> Co-authored-by: Roslyn Lu <roslu@microsoft.com> Co-authored-by: JiahuiPeng <46921893+804873052@users.noreply.github.com> Co-authored-by: edwin-msft <71858592+edwin-msft@users.noreply.github.com> Co-authored-by: Edwin Diaz <eddiazme@microsoft.com> Co-authored-by: dochollidayxx <dochollidayxx@gmail.com> Co-authored-by: Adam Holliday <adamho@microsoft.com> Co-authored-by: yifan-zhou922 <78060542+yifan-zhou922@users.noreply.github.com> Co-authored-by: Parv Saxena <psaxena6@jhu.edu> Co-authored-by: Parv Saxena <pasaxena@microsoft.com> Co-authored-by: hvermis <hvermis@microsoft.com> Co-authored-by: xuepingd <75347475+xuepingd@users.noreply.github.com> Co-authored-by: laxmankumar12 <vlk_laxman@yahoo.com> Co-authored-by: REDMOND\lakshv <lakshv@microsoft.com> Co-authored-by: He Huang <47040595+hjhhh3000vitae@users.noreply.github.com> Co-authored-by: Zed Lei <59104634+RAY-316@users.noreply.github.com> Co-authored-by: kangsun-ctrl <69279251+kangsun-ctrl@users.noreply.github.com> Co-authored-by: brpanask <64860651+brpanask@users.noreply.github.com> Co-authored-by: rebecca337 <80353400+rebecca337@users.noreply.github.com> Co-authored-by: Rebecca Dupuis <rdupuis@microsoft.com> Co-authored-by: xunsun-commits <84804232+xunsun-commits@users.noreply.github.com> Co-authored-by: Wan Yang <wanyang@microsoft.com> Co-authored-by: soma-ms <84877933+soma-ms@users.noreply.github.com> * remove blank line * address comments * address the description comment * update the swagger * remove ManagedInstances_ListOutboundNetworkDependenciesByManagedInstance * Update from microsoft.sql 2021-05-01-preview to base branch (Azure#16184) * Update comment.yml for publish pr (Azure#16166) * Update comment.yml * Update comment.yml * Bump dependencies (Azure#16170) * bump avocado * bump mocha * remove submodule (Azure#16171) * add azure-resource-manager-schema to servicelinker (Azure#16176) Co-authored-by: Nan Jiang <naji@microsoft.com> * Update pr assignment config (Azure#16175) * [Synapse] - fix scheme for Artifacts and update readme to include KQL scripts for October release (Azure#16035) * [Synapse] - fix scheme for Notebook, Spark Job definition and SQL script * Update dataset, linked service and pipeline * Update release tag for october release * Correct type of result limit * Add arguments for SynapseSparkJobActivityTypeProperties Co-authored-by: Dongwei Wang <dongwwa@microsoft.com> * fix (Azure#16164) Merging the change to have accurate Swagger * update swagger files * update readme.md * add missing json files * update custom-words.txt to address the spelling check * remove 201 define in ServerUpdate.json * remove blank line * address comments * address the description comment * update the swagger * remove ManagedInstances_ListOutboundNetworkDependenciesByManagedInstance Co-authored-by: Tianen <347142915@qq.com> Co-authored-by: Zhenglai Zhang <darinzh@microsoft.com> Co-authored-by: Lei Ni <7233663+leni-msft@users.noreply.github.com> Co-authored-by: najian <jiangnan8924@gmail.com> Co-authored-by: Nan Jiang <naji@microsoft.com> Co-authored-by: Ray Chen <raychen@microsoft.com> Co-authored-by: Dongwei Wang <bean0idear@163.com> Co-authored-by: Dongwei Wang <dongwwa@microsoft.com> Co-authored-by: msyyc <70930885+msyyc@users.noreply.github.com> Co-authored-by: Tianen <347142915@qq.com> Co-authored-by: Zhenglai Zhang <darinzh@microsoft.com> Co-authored-by: Lei Ni <7233663+leni-msft@users.noreply.github.com> Co-authored-by: najian <jiangnan8924@gmail.com> Co-authored-by: Nan Jiang <naji@microsoft.com> Co-authored-by: Ray Chen <raychen@microsoft.com> Co-authored-by: Dongwei Wang <bean0idear@163.com> Co-authored-by: Dongwei Wang <dongwwa@microsoft.com> Co-authored-by: msyyc <70930885+msyyc@users.noreply.github.com> Co-authored-by: AriZavala2 <77034370+AriZavala2@users.noreply.github.com> Co-authored-by: PingZhu2232 <36140352+PingZhu2232@users.noreply.github.com> Co-authored-by: Mark Cowlishaw <markcowl@microsoft.com> Co-authored-by: Ping Zhu <pizh@Pings-MacBook-Pro.local> Co-authored-by: Mohit Chakraborty <8271806+Mohit-Chakraborty@users.noreply.github.com> Co-authored-by: Roslyn Lu <roslyn.lu@gmail.com> Co-authored-by: Roslyn Lu <roslu@microsoft.com> Co-authored-by: JiahuiPeng <46921893+804873052@users.noreply.github.com> Co-authored-by: edwin-msft <71858592+edwin-msft@users.noreply.github.com> Co-authored-by: Edwin Diaz <eddiazme@microsoft.com> Co-authored-by: dochollidayxx <dochollidayxx@gmail.com> Co-authored-by: Adam Holliday <adamho@microsoft.com> Co-authored-by: yifan-zhou922 <78060542+yifan-zhou922@users.noreply.github.com> Co-authored-by: Parv Saxena <psaxena6@jhu.edu> Co-authored-by: Parv Saxena <pasaxena@microsoft.com> Co-authored-by: hvermis <hvermis@microsoft.com> Co-authored-by: xuepingd <75347475+xuepingd@users.noreply.github.com> Co-authored-by: laxmankumar12 <vlk_laxman@yahoo.com> Co-authored-by: REDMOND\lakshv <lakshv@microsoft.com> Co-authored-by: He Huang <47040595+hjhhh3000vitae@users.noreply.github.com> Co-authored-by: Zed Lei <59104634+RAY-316@users.noreply.github.com> Co-authored-by: kangsun-ctrl <69279251+kangsun-ctrl@users.noreply.github.com> Co-authored-by: brpanask <64860651+brpanask@users.noreply.github.com> Co-authored-by: rebecca337 <80353400+rebecca337@users.noreply.github.com> Co-authored-by: Rebecca Dupuis <rdupuis@microsoft.com> Co-authored-by: xunsun-commits <84804232+xunsun-commits@users.noreply.github.com> Co-authored-by: Wan Yang <wanyang@microsoft.com> Co-authored-by: soma-ms <84877933+soma-ms@users.noreply.github.com>
Describe the bug
While I'm trying to extract key and cert from *.p12 file I'm getting error:
2776:error:0D0680A8:asn1 encoding routines:asn1_check_tlen:wrong tag:../openssl-1.1.1k/crypto/asn1/tasn_dec.c:1149:
2776:error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error:../openssl-1.1.1k/crypto/asn1/tasn_dec.c:309:Type=PKCS12
To Reproduce
1.Create certificate and key files:
openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out certout.pem
2. Move them to one file:
cat certout.pem key.pem > upload.pem
3. Add upload.pem to keyvault certificates via CLI:
az keyvault certificate import --file upload.pem --name cacl --vault-name ***
vault-name marked as *** since I'm not sure if it may be sensitive data for company4. Certificate is present on keyvault -> certificates
5. As npm manual says:
got error described in bug section
Expected behavior
As documentation says I should get "the public certificate in PEM format"
Additional context
I'm able to get cert and key via CLI so I assuming there is nothing wrong with cert/key
The text was updated successfully, but these errors were encountered: