script-samples icon indicating copy to clipboard operation
script-samples copied to clipboard
verified publisher icon pnp

Help with credentials cert

Open chasquad opened this issue 2 years ago • 5 comments

I'm trying to get this PS script ready to run: https://pnp.github.io/script-samples/spo-generate-sp-storage-savings-report/README.html?tabs=pnpps

I noticed that it has recently been updated so that it uses an app/cert for credentials.

I created the app, granted the app permissions, and now I just don't know what to do to fill in the variables for the script:

$UsingCertificate = $true $clientID = "clientID" $tenantId = "[tenant].onmicrosoft.com" $certificatePassword = "pw" $certificatePath = "C:\Users[you][centname].pfx"

I have the clientID from the app that was created. I also know my tenantid. What I'm having trouble understanding is where the "ceertificatePassword" and the "certificatePath" come from. In Entra, I can see the app and the cert information, but no file to download. I can download the manifest, but that downloads as a .json file.

So my questions are:

  1. Where is the certificatepassword? I know the app name, application ID, Client ID, Object ID, Directory ID, Tenant ID, Thumbprint, certificate ID, and Private key.
  2. How do I get the cert file? The script is looking for a path to a .pfx file.

Thanks!

chasquad avatar Aug 31 '23 15:08 chasquad

I figured out the cert file issue. Now I have the one that was created on my local computer. I now just need to know what the value for the $certificatePassword" comes from.

chasquad avatar Aug 31 '23 17:08 chasquad

When creating the certificate, you might have specified a password for the private key, if so that’s what the password will be.

Sent from Outlook for iOShttps://aka.ms/o0ukef

From: chasquad @.> Sent: Thursday, August 31, 2023 6:58:35 PM To: pnp/script-samples @.> Cc: Subscribed @.***> Subject: Re: [pnp/script-samples] Help with credentials cert (Issue #573)

I figured out the cert file issue. Now I have the one that was created on my local computer. I now just need to know what the value for the $certificatePassword" comes from.

— Reply to this email directly, view it on GitHubhttps://github.com/pnp/script-samples/issues/573#issuecomment-1701515827, or unsubscribehttps://github.com/notifications/unsubscribe-auth/ACC7Z4PJHMKIVOJJR5MFMTTXYDGEXANCNFSM6AAAAAA4GI2ZME. You are receiving this because you are subscribed to this thread.Message ID: @.***>

pkbullock avatar Aug 31 '23 18:08 pkbullock

See sample 3 here , https://pnp.github.io/powershell/cmdlets/New-PnPAzureCertificate.html

😁

kasperbolarsen avatar Aug 31 '23 18:08 kasperbolarsen

I used a PowerShell script to create the app registration, and that created the cert files. The script didn't have anything about a password ... so does that mean that I just leave the $certificatePassword" variable blank?

$result = Register-PnPAzureADApp -ApplicationName "CSPNP1" -Tenant mytenant.onmicrosoft.com -OutPath c:\mycertificates -DeviceLogin $result

chasquad avatar Aug 31 '23 18:08 chasquad

@chasquad you might find this usefull https://pnp.github.io/script-samples/spo-add-sppkg-ad-app-certificate/README.html?tabs=cli-m365-ps

top part is about creating cert with password

ValerasNarbutas avatar Dec 14 '23 14:12 ValerasNarbutas

Closing as old. Thank you all.

pkbullock avatar Jul 27 '24 19:07 pkbullock