"Non-hexadecimal digit found" from az keyvault secret download

davetapley commented 3 years ago

Describe the bug

Command Name az keyvault secret download

Errors:

Non-hexadecimal digit found

To Reproduce:

Steps to reproduce the behavior. Note that argument values have been redacted, as they may contain sensitive information.

Generate cert using https://github.com/shibayan/keyvault-acmebot
az keyvault secret download --vault-name {} --name {} --file cert.pfx --encoding hex

Expected Behavior

Environment Summary

Linux-5.4.0-52-generic-x86_64-with-debian-buster-sid
Python 3.6.10
Installer: DEB

azure-cli 2.15.0 *

Additional Context

I don't know what the hex encoding would/should be used for, I was just playing around with it while debugging another issue (https://github.com/ansible-collections/ansible.windows/issues/132).

yungezz commented 3 years ago

hi @bim-msft could you pls help to have a look? thanks

ROODAY commented 2 years ago

@bim-msft are there any updates on this bug? It's still present in az cli 2.31.0. Is there another workaround for downloading a pfx certificate in hex format?

evelyn-ys commented 2 years ago

The --encoding param is used to tell CLI what encoding the secret you stored in Keyvault is. If it's stored in hex format, then before we save secret content to the specified file, CLI will unhexlify to get the origin content.

It's not used to let CLI hexlify the content and then save to the specified file.

Azure / azure-cli