Open ernani opened 5 years ago
I was not able to reproduce this. It created the self-signed cert as expected. If you try the following, what happens:
az keyvault certificate get-default-policy > policy.json
az keyvault certificate create --vault-name name -n cert1 -p @policy.json
Sorry for the late reply. I've tried the same steps as you did and it still flags me the following error: Expecting property name enclosed in double quotes: line 2 column 3 (char 4)
This is the content of policy.json
ernani@ernmarti-ms:/c/Users/ernmarti/Documents/go$ cat policy.json { "issuerParameters": { "certificateTransparency": null, "name": "Self" }, "keyProperties": { "curve": null, "exportable": true, "keySize": 2048, "keyType": "RSA", "reuseKey": true }, "lifetimeActions": [ { "action": { "actionType": "AutoRenew" }, "trigger": { "daysBeforeExpiry": 90 } } ], "secretProperties": { "contentType": "application/x-pkcs12" }, "x509CertificateProperties": { "keyUsage": [ "cRLSign", "dataEncipherment", "digitalSignature", "keyEncipherment", "keyAgreement", "keyCertSign" ], "subject": "CN=CLIGetDefaultPolicy", "validityInMonths": 12 } }
Please try the create command with --debug
and provide the first line of the debug output (starts with "Command arguments:"). The input might be getting corrupted in some way.
All I got was:
Command arguments: ['keyvault', 'certificate', 'create', '--debug', '--vault-name', 'name', '-n', 'cert1', '-p', '@policy.json']
I am using WSL here.
Hi @ernani, I believe @tjprescott means --debug
for az keyvault certificate create --vault-name jlkv1 -n cert2 -p "$(az keyvault certificate get-default-policy)" --debug
However in my test in WSL, it passes the param without any issue.
user2@DESKTOP-VGQOHCD:~$ az keyvault certificate create --vault-name xxx -n cert2 -p "$(az keyvault certificate get-default-policy)" --debug
Command arguments: ['keyvault', 'certificate', 'create', '--vault-name', 'xxx', '-n', 'cert2', '-p', '{\n "issuerParameters": {\n "certificateTransparency": null,\n ... }', '--debug']
Could you try updating to the latest version and test again?
Hello, here is the full output, btw, I've used --debug before...
ernani@ernmarti-ms:/c/Users/ernmarti/Documents/go/others$ az keyvault certificate create --vault-name keyvault-ernani -n cert2 -p "$(az keyvault certificate get-default-policy)" --debug
Command arguments: ['keyvault', 'certificate', 'create', '--vault-name', 'keyvault-ernani', '-n', 'cert2', '-p', '{\n \x1b[94m"issuerParameters"\x1b[39;49;00m: {\n \x1b[94m"certificateTransparency"\x1b[39;49;00m: \x1b[34mnull\x1b[39;49;00m,\n \x1b[94m"name"\x1b[39;49;00m: \x1b[33m"Self"\x1b[39;49;00m\n },\n \x1b[94m"keyProperties"\x1b[39;49;00m: {\n \x1b[94m"curve"\x1b[39;49;00m: \x1b[34mnull\x1b[39;49;00m,\n \x1b[94m"exportable"\x1b[39;49;00m: \x1b[34mtrue\x1b[39;49;00m,\n \x1b[94m"keySize"\x1b[39;49;00m: \x1b[34m2048\x1b[39;49;00m,\n \x1b[94m"keyType"\x1b[39;49;00m: \x1b[33m"RSA"\x1b[39;49;00m,\n \x1b[94m"reuseKey"\x1b[39;49;00m: \x1b[34mtrue\x1b[39;49;00m\n },\n \x1b[94m"lifetimeActions"\x1b[39;49;00m: [\n {\n \x1b[94m"action"\x1b[39;49;00m: {\n \x1b[94m"actionType"\x1b[39;49;00m: \x1b[33m"AutoRenew"\x1b[39;49;00m\n },\n \x1b[94m"trigger"\x1b[39;49;00m: {\n
\x1b[94m"daysBeforeExpiry"\x1b[39;49;00m: \x1b[34m90\x1b[39;49;00m\n }\n }\n ],\n \x1b[94m"secretProperties"\x1b[39;49;00m: {\n \x1b[94m"contentType"\x1b[39;49;00m: \x1b[33m"application/x-pkcs12"\x1b[39;49;00m\n },\n \x1b[94m"x509CertificateProperties"\x1b[39;49;00m: {\n \x1b[94m"keyUsage"\x1b[39;49;00m: [\n \x1b[33m"cRLSign"\x1b[39;49;00m,\n \x1b[33m"dataEncipherment"\x1b[39;49;00m,\n \x1b[33m"digitalSignature"\x1b[39;49;00m,\n \x1b[33m"keyEncipherment"\x1b[39;49;00m,\n \x1b[33m"keyAgreement"\x1b[39;49;00m,\n \x1b[33m"keyCertSign"\x1b[39;49;00m\n ],\n
\x1b[94m"subject"\x1b[39;49;00m: \x1b[33m"CN=CLIGetDefaultPolicy"\x1b[39;49;00m,\n \x1b[94m"validityInMonths"\x1b[39;49;00m: \x1b[34m12\x1b[39;49;00m\n }\n}', '--debug']
Event: Cli.PreExecute []
Event: CommandParser.OnGlobalArgumentsCreate [<function CLILogging.on_global_arguments at 0x7fb173a51d08>, <function OutputProducer.on_global_arguments at 0x7fb173578b70>, <function CLIQuery.on_global_arguments at 0x7fb1735a4bf8>]
Event: CommandInvoker.OnPreCommandTableCreate []
Installed command modules ['acr', 'acs', 'advisor', 'ams', 'apim', 'appconfig', 'appservice', 'backup', 'batch', 'batchai', 'billing', 'botservice', 'cdn', 'cloud', 'cognitiveservices', 'configure', 'consumption', 'container', 'cosmosdb', 'deploymentmanager', 'dla', 'dls', 'dms', 'eventgrid', 'eventhubs', 'extension', 'feedback', 'find', 'hdinsight', 'interactive', 'iot', 'iotcentral', 'keyvault', 'kusto', 'lab', 'managedservices', 'maps', 'monitor', 'natgateway', 'netappfiles', 'network', 'policyinsights', 'privatedns', 'profile', 'rdbms', 'redis', 'relay', 'reservations', 'resource', 'role', 'search', 'security', 'servicebus', 'servicefabric', 'signalr', 'sql', 'sqlvm', 'storage', 'vm']
Loaded module 'acr' in 0.059 seconds.
Loaded module 'acs' in 0.039 seconds.
Loaded module 'advisor' in 0.005 seconds.
Event: CommandLoader.OnLoadCommandTable []
Loaded module 'ams' in 0.026 seconds.
Loaded module 'apim' in 0.007 seconds.
Loaded module 'appconfig' in 0.012 seconds.
Loaded module 'appservice' in 0.037 seconds.
Loaded module 'backup' in 0.014 seconds.
Event: CommandLoader.OnLoadCommandTable []
Loaded module 'batch' in 0.033 seconds.
Loaded module 'batchai' in 0.017 seconds.
Loaded module 'billing' in 0.010 seconds.
Loaded module 'botservice' in 0.017 seconds.
Event: CommandLoader.OnLoadCommandTable []
Loaded module 'cdn' in 0.020 seconds.
Loaded module 'cloud' in 0.013 seconds.
Loaded module 'cognitiveservices' in 0.005 seconds.
Loaded module 'configure' in 0.011 seconds.
Loaded module 'consumption' in 0.015 seconds.
Loaded module 'container' in 0.008 seconds.
Loaded module 'cosmosdb' in 0.032 seconds.
Loaded module 'deploymentmanager' in 0.015 seconds.
Loaded module 'dla' in 0.018 seconds.
Loaded module 'dls' in 0.017 seconds.
Loaded module 'dms' in 0.013 seconds.
Loaded module 'eventgrid' in 0.008 seconds.
Loaded module 'eventhubs' in 0.025 seconds.
Loaded module 'extension' in 0.011 seconds.
Loaded module 'feedback' in 0.004 seconds.
Loaded module 'find' in 0.004 seconds.
Loaded module 'hdinsight' in 0.023 seconds.
Loaded module 'interactive' in 0.003 seconds.
Loaded module 'iot' in 0.026 seconds.
Loaded module 'iotcentral' in 0.011 seconds.
Loaded module 'keyvault' in 0.051 seconds.
Loaded module 'kusto' in 0.011 seconds.
Loaded module 'lab' in 0.019 seconds.
Loaded module 'managedservices' in 0.013 seconds.
Loaded module 'maps' in 0.015 seconds.
Loaded module 'monitor' in 0.031 seconds.
Loaded module 'natgateway' in 0.007 seconds.
Event: CommandLoader.OnLoadCommandTable []
Loaded module 'netappfiles' in 0.030 seconds.
Loaded module 'network' in 0.125 seconds.
Loaded module 'policyinsights' in 0.009 seconds.
Loaded module 'privatedns' in 0.034 seconds.
Loaded module 'profile' in 0.011 seconds.
Loaded module 'rdbms' in 0.022 seconds.
Loaded module 'redis' in 0.024 seconds.
Loaded module 'relay' in 0.019 seconds.
Loaded module 'reservations' in 0.017 seconds.
Loaded module 'resource' in 0.032 seconds.
Loaded module 'role' in 0.029 seconds.
Loaded module 'search' in 0.008 seconds.
Loaded module 'security' in 0.016 seconds.
Loaded module 'servicebus' in 0.039 seconds.
Loaded module 'servicefabric' in 0.016 seconds.
Loaded module 'signalr' in 0.012 seconds.
Loaded module 'sql' in 0.035 seconds.
Loaded module 'sqlvm' in 0.018 seconds.
Event: CommandLoader.OnLoadCommandTable []
Loaded module 'storage' in 0.132 seconds.
Loaded module 'vm' in 0.068 seconds.
Loaded all modules in 1.401 seconds. (note: there's always an overhead with the first module loaded)
Extensions directory: '/home/ernani/.azure/cliextensions'
Found 2 extensions: ['azure-firewall', 'interactive']
Extensions directory: '/home/ernani/.azure/cliextensions'
Extension compatibility result: is_compatible=True cli_core_version=2.0.72 min_required=2.0.46 max_required=None
Extensions directory: '/home/ernani/.azure/cliextensions'
Loaded extension 'azure-firewall' in 0.045 seconds.
Extensions directory: '/home/ernani/.azure/cliextensions'
Extension compatibility result: is_compatible=True cli_core_version=2.0.72 min_required=2.0.62 max_required=None
Loaded extension 'interactive' in 0.004 seconds.
Event: CommandInvoker.OnPreCommandTableTruncate [<function AzCliLogging.init_command_file_logging at 0x7fb1732a62f0>]
az_command_data_logger : command args: keyvault certificate create --vault-name {} -n {} -p {} --debug
metadata file logging enabled - writing logs to '/home/ernani/.azure/commands'.
Event: CommandInvoker.OnPreArgumentLoad [<function register_global_subscription_argument.
I'm having the same issue on az 2.21.0 and powershell.
I have the same issue.
Powershell version 5.1.19041.906 az cli version 2.21.0
This is autogenerated. Please review and update as needed.
Describe the bug
Command Name
az keyvault certificate create
Errors:
To Reproduce:
Steps to reproduce the behavior.
az keyvault certificate create --vault-name my-random-keyvault-name -n cert1 -p "$(az keyvault certificate get-default-policy)"
Expected Behavior
That it would generate a selfsigned certificate
Environment Summary
Additional Context