Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
1.3k views
in Technique[技术] by (71.8m points)

powershell - Invalid provider type specified. CryptographicException

I am trying to run the script GetAppConfigSettings.ps1 from Microsoft docs help setting up a Key Vault

The script contains the following

# **********************************************************************************************
# Prep the cert credential data
# **********************************************************************************************
$certificateName = "$applicationName" + "cert"
$myCertThumbprint = (New-SelfSignedCertificate -Type Custom -Subject "$certificateName"-KeyUsage DigitalSignature -KeyAlgorithm RSA -KeyLength 2048 -CertStoreLocation "Cert:CurrentUserMy" -Provider "Microsoft Enhanced Cryptographic Provider v1.0" ).Thumbprint
$x509 = (Get-ChildItem -Path cert:CurrentUserMy$myCertthumbprint)
$password = Read-Host -Prompt "Please enter the certificate password." -AsSecureString

# Saving the self-signed cert and pfx (private key) in case it's needed later
Export-Certificate -cert $x509 -FilePath ".$certificateName.cer"
Export-PfxCertificate -Cert $x509 -FilePath ".$certificateName.pfx" -Password $password

Running the script ( after setting the variables) produces the following error

New-SelfSignedCertificate : CertEnroll::CX509Enrollment::_CreateRequest: Provider type not defined. 
0x80090017 (-2146893801 NTE_PROV_TYPE_NOT_DEF)
At \tsclientEESharedDevMicrosoft.Azure.KeyVault.Samples-2016.11.22 
(1)Microsoft.Azure.KeyVault.SamplesscriptsGetAppConfigSettings.ps1:38 char:22
+ ... umbprint = (New-SelfSignedCertificate -Type Custom -Subject "$certifi ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [New-SelfSignedCertificate], Exception
    + FullyQualifiedErrorId : System.Exception,Microsoft.CertificateServices.Commands.NewSelfSignedC 
   ertificateCommand

[Update]

Microsoft Support advised me to change the provider to "Microsoft Platform Crypto Provider"

However I still get the error.

For Powershell, $PSVersionTable reports 5.1.17134.112

I have Version 5.7.0 of AzureRM installed

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

Microsoft support helped me out with this line

$myCertThumbprint = (New-SelfSignedCertificate -CertStoreLocation Cert:CurrentUserMy
-subject MyCert -KeyExportPolicy Exportable -NotAfter (Get-Date).AddYears(10) 
-Type CodeSigningCert -KeySpec Signature).Thumbprint

The AuthClientId and AuthCertThumbprint values I need for the HelloKeyVault app.config are created.

The AuthClientId displays in the portal as the Application ID and is vissible in the Registered app settings.

To get to it click Azure Active Directory -> App registrations Then click View all applications click on the application then settings

To see the Thumbprint doe the same and then click Keys

enter image description here

I can see AuthClientId


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...