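<#
.SYNOPSIS
    Creates a self-signed certificate in an Azure Key Vault and downloads it as a password-protected PFX.

.DESCRIPTION
    Logs in to Azure (AzureRM cmdlets), creates a certificate with a self-issued policy, then polls
    Key Vault for the certificate's backing secret (the certificate is provisioned asynchronously,
    so the first reads may fail). Once available, the secret is imported with an exportable private
    key and written to <saveDir>\<certName>.pfx, protected by the supplied password. Finally the
    certificate's Key Vault metadata is printed.

.PARAMETER vaultName
    Name of the Key Vault that will hold the certificate.
.PARAMETER certName
    Name of the certificate (and of the backing secret) in the vault; also used as the PFX file name.
.PARAMETER certPwd
    Password protecting the exported PFX. NOTE(review): it is received as a plain [string], so it
    can show up in shell history and process listings of the caller; a [SecureString] parameter
    would be the safer shape if the interface can change.
.PARAMETER subjectName
    X.500 subject name for the certificate (e.g. "CN=example").
.PARAMETER ValidityInMonths
    Certificate validity in months (default 12).
.PARAMETER saveDir
    Directory the PFX is written to. NOTE(review): the PFX contains the private key; the caller is
    responsible for the permissions on this directory.
#>
Param(
    [parameter(Mandatory=$true)][string]$vaultName,
    [parameter(Mandatory=$true)][string]$certName,
    [parameter(Mandatory=$true)][string]$certPwd,
    [parameter(Mandatory=$true)][string]$subjectName,
    # Typed [int] (was [string]) so a non-numeric value is rejected at parameter binding instead of
    # inside the policy cmdlet; numeric strings such as "12" still bind.
    [parameter(Mandatory=$false)][int]$ValidityInMonths=12,
    [parameter(Mandatory=$true)][string]$saveDir
)

# Log in Azure Account
Login-AzureRmAccount

# Create Cert in KeyVault
Write-Host "Creating certificate in Azure KeyVault..." -ForegroundColor Yellow
$policy = New-AzureKeyVaultCertificatePolicy -SubjectName $subjectName -IssuerName Self -ValidityInMonths $ValidityInMonths
Add-AzureKeyVaultCertificate -VaultName $vaultName -Name $certName -CertificatePolicy $policy

# Downloading Certificate
Write-Host "Downloading Certificate from KeyVault..." -ForegroundColor Yellow

# Retry budget: one initial attempt plus $maxRetries retries, $retryDelaySeconds apart.
$maxRetries = 5
$retryDelaySeconds = 20
# Join-Path avoids a doubled or missing separator when $saveDir has a trailing backslash.
$pfxPath = Join-Path -Path $saveDir -ChildPath ($certName + ".pfx")

$done = $false
$retryCount = 0
do {
    try {
        # -ErrorAction Stop turns a failed lookup into a terminating error so the catch below
        # drives the retry with a meaningful message, rather than a null dereference.
        $kvSecret = Get-AzureKeyVaultSecret -VaultName $vaultName -Name $certName -ErrorAction Stop
        if ($null -eq $kvSecret) {
            throw "Secret '$certName' is not yet available in vault '$vaultName'."
        }
        $kvSecretBytes = [System.Convert]::FromBase64String($kvSecret.SecretValueText)
        $certCollection = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2Collection
        # Exportable is required so the private key can be re-exported into the PFX below.
        $certCollection.Import($kvSecretBytes, $null, [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::Exportable)
        $protectedCertificateBytes = $certCollection.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Pkcs12, $certPwd)
        [System.IO.File]::WriteAllBytes($pfxPath, $protectedCertificateBytes)
        $done = $true
        Write-Host "Finished!" -ForegroundColor Yellow
    }
    catch {
        if ($retryCount -ge $maxRetries) {
            $done = $true
            # Write-Error (not Write-Host) so a caller or CI job can detect the failure; the
            # original only printed a message and exited successfully.
            Write-Error "Not possible to retrieve the certificate! Last error: $($_.Exception.Message)"
        }
        else {
            Start-Sleep -Seconds $retryDelaySeconds
            $retryCount++
        }
    }
} while (-not $done)

# Show Certificate Values
Get-AzureKeyVaultCertificate -VaultName $vaultName -Name $certName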