Connect-PnPOnline -thumbprint certificate parameter cannot be null

bender86 commented 4 years ago

Reporting an Issue or Missing Feature

When trying to login with Powershell using ClientID, TenantID and Thumbprint I'm being asked for Certificate.

Expected behavior

I've created an azure App with a certificate and want to connect myselft with this. I need to create a group with: Apply-PnPTenantTemplate -Path .\content.xml

Actual behavior

Pnp version: SharePointPnPPowerShellOnline 3.17.2001.2 $AppId = "xxxx" $Tenant = "xxxx.onmicrosoft.com" $Thumbprint = "xxxx" $url = "https://xxx.sharepoint.com/sites/test"

Connect-pnponline -url:$url -ClientId $AppId -Tenant:$Tenant -Thumbprint:$Thumbprint

CorrelationId : TimeStampUtc : 11-02-20 14:08:32 Message : Value cannot be null. Parameter name: certificate Stacktrace : at SharePointPnP.PowerShell.Commands.Base.ConnectOnline.ProcessRecord() at System.Management.Automation.CommandProcessor.ProcessRecord() ScriptLineNumber : 1

Steps to reproduce behavior

see above

Which version of the PnP-PowerShell Cmdlets are you using?

[ ] PnP PowerShell for SharePoint 2013
[ ] PnP PowerShell for SharePoint 2016
[x] PnP PowerShell for SharePoint Online

What is the version of the Cmdlet module you are running?

(you can retrieve this by executing Get-Module -Name *pnppowershell* -ListAvailable)

How did you install the PnP-PowerShell Cmdlets?

[ ] MSI Installed downloaded from GitHub
[x] Installed through the PowerShell Gallery with Install-Module
[ ] Other means

ghost commented 4 years ago

Thank you for reporting this issue. We will be triaging your incoming issue as soon as possible.

fastlaneb commented 4 years ago

Hi @bender86 Does the certificate with the thumbprint you are using live in the certificate store on the machine you're connecting from?

bender86 commented 4 years ago

@fastlaneb The certificate is not installed on the machine. It's not write in the documentation?

fastlaneb commented 4 years ago

@bender86 The documentation may need to be changed. If you check out the "GetCertificatFromStore" method in CertificateHelper.cs you can see that we're using the thumbprint to reference into the certificate store. If the actual cert doesn't live in this location the cert will be null and you will see this.

bender86 commented 4 years ago

I'm gonna ask to have the .pfx and test if it works. So you can't use this method in an azure function where you can't install a certificate Thanks for your help and i'll go back to give a feedback

fastlaneb commented 4 years ago

Hi @bender86 I think I may have figured this out. To use the certificate in the Azure Function you need to set the WEBSITE_LOAD_CERTIFICATES "Application Setting" to the thumbprint of your certificate. You must also upload your certificate in the "Networking"->"SSL" tab of the Function settings. Can you give this a try?

pnp / PnP-PowerShell