1
votes

I have a Service Fabric cluster with a vmset based on a key-vault for its secrets. It runs fine, but now I need to add a certificate to the personal stores on the running instances (preferably without doing it manually in RDP). I used PowerShell to add the certificate to the key-vault, but even after increasing the capacity of the vmset the new VM does not have the new certificate.

When I try to "reimage" the existing VMs I get the error:

Failed to reimage virtual machine instance 'xxxxxxx'. Error: Virtual Machine Scale Sets with extension Microsoft.Azure.ServiceFabric.ServiceFabricNode cannot be reimaged.

So I thought I could update the certificate on a virtual machine with the following command:

$vm = Add-AzureVMSecret -VM $vm -SourceVaultId $SourceVaultId -CertificateStore $certStore -CertificateUrl $certUrl;
Update-AzureRmVM -ResourceGroupName $resourceGroup -VM $vm

But it seems I'm unable to get an individual VM inside the vmset.

$vm = Get-AzureRmVM -ResourceGroupName $resourceGroupName -Name "xxxxxx"

Get-AzureRmVM : The Resource 'Microsoft.Compute/virtualMachines/xxxxxx' under resource group 'xxxxxxxxxxxxxxx' was not found. StatusCode: 404 ReasonPhrase: Not Found

Does anyone know how to add a certificate on existing VMs inside a vmset? And what if I need to update a certificate that is going to expire? It seems like I'll need to do something similar.

1

1 Answer

2
votes

You can define the certificates to deploy in the ARM template.

Examples here and here. Relevant node: 'osProfile'.
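The same 'osProfile' change can be made to the scale set model from PowerShell instead of redeploying the template. This is an added example, not code from the answer or its linked templates; it uses the AzureRM scale set cmdlets, and every value in angle brackets is a placeholder to replace with your own.

```powershell
# Placeholders (assumptions): substitute the values for your own cluster.
$resourceGroupName = '<resource-group>'
$vmssName          = '<scale-set-name>'
$sourceVaultId     = '<key-vault-resource-id>'
$certUrl           = '<key-vault-secret-url-including-version>'
$certStore         = 'My'   # personal store of the local machine

# Individual instances are not Microsoft.Compute/virtualMachines resources,
# so work on the scale set model rather than on Get-AzureRmVM.
$vmss = Get-AzureRmVmss -ResourceGroupName $resourceGroupName -VMScaleSetName $vmssName

$certConfig = New-AzureRmVmssVaultCertificateConfig `
    -CertificateUrl $certUrl -CertificateStore $certStore

# osProfile.secrets groups certificates by source vault. If the vault is
# already listed, append to that group so each vault appears only once.
$group = $vmss.VirtualMachineProfile.OsProfile.Secrets |
    Where-Object { $_.SourceVault.Id -eq $sourceVaultId } |
    Select-Object -First 1

if ($group) {
    # Skip the add when this exact certificate version is already deployed.
    if ($group.VaultCertificates.CertificateUrl -notcontains $certUrl) {
        $group.VaultCertificates.Add($certConfig)
    }
} else {
    $vmss = Add-AzureRmVmssSecret -VirtualMachineScaleSet $vmss `
        -SourceVaultId $sourceVaultId -VaultCertificate $certConfig
}

# Push the modified model. With an Automatic upgrade policy the existing
# instances pick it up; with Manual, each instance still has to be brought
# to the latest model (Update-AzureRmVmssInstance).
Update-AzureRmVmss -ResourceGroupName $resourceGroupName -Name $vmssName `
    -VirtualMachineScaleSet $vmss
```

Replacing a certificate that is about to expire follows the same path: add the new secret version's URL to the vault's group and update the model again.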