0
votes

I am trying to upload a public and private certificate to Azure web app using powershell. I am using the below code which is uploading the cert to the webapp. The issue I have is how to extract these public/private certificate metadata(blob content) and the thumbprint using powershell from the certificate file(public cert .cer, private cert .pfx).

$PropertiesObject = @{
    blob="LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUZ5RENDQTdDZ0F3SUJBZ0lDRUFBd0RRWUpLb1pJaHZjTkFRRUxCUUF3ZkRFTE1Ba0dBMVVFQmhNQ1ZWTXgKRlRBVEJnTlZCQWdNREZCbGJtNXplV3gyWVc1cFlURVRNQkVHQTFVRUJ3d0tVR2wwZEhOaWRYSm5hREVWTUJNRwpBMVVFQ2d3TVZHVnNaWFBDRVJUSUZJQ0FURS0tLS0tCg==";
    publicCertificateLocation= "CurrentUserMy"; 
    thumbprint= "8158F2A26BCB4A75479D2FBF17550";
    ResourceType = "Microsoft.Web/sites/publicCertificates";
    ResourceName= "DevUserService/my-cert-new"
}

$resourceId = '/subscriptions/967d-a594-8fd5-aeb26/resourceGroups/DevA_AppServices/providers/Microsoft.Web/sites/DevUserService'
$resource = Get-AzureRmResource -ResourceId $resourceId

New-AzureRmResource -Location $resource.Location -PropertyObject $PropertiesObject -ResourceGroupName $resource.ResourceGroupName -ResourceType Microsoft.Web/sites/publicCertificates -ResourceName "DevUserService/my-cert-new" -ApiVersion 2018-02-01 -Force

Above code uploads and attaches the public certificate to the webapp.

But I want to use powershell to extract the certificate blob content, thumbprint from the .cer, .pfx file I have in my system.

To try the code, I had manually uploaded this public cert to my webapp and the below call showed the blob content. Get-AzureRmResource -ResourceGroupName DevUS_A_ApplicationServices1 -ResourceType Microsoft.Web/sites/publicCertificates -ResourceName "DevService" -ApiVersion 2018-02-01

1

1 Answers

0
votes

I solved it. Here is the code for reading the .cer file content.

$fullpath = 'C:\Certs\mycert.cer' 
$pwd = ConvertTo-SecureString -String 'anyPwd' -AsPlainText -Force
$cert  = New-AzureRmApplicationGatewaySslCertificate -Name someCert -CertificateFile $fullpath -Password $pwd 

$PropertiesObject = @{
        blob=$cert.Data; 
        publicCertificateLocation= "CurrentUserMy";
        thumbprint= $certThumbPrint;
        ResourceType = "Microsoft.Web/sites/publicCertificates"
    }

I could not read the thumbprint this way but for sure you can import the cert to your local machine and find it.