Azure Function uses Connect-PnPOnLine -CertificateBase64Encoded with a Certificate stored in AzureKeyVault
which reference belonging to the certificate has to be used in the Azure Function Configuration (that is your Application Settings) and how should it be used in the powershell script?
The pnp documentation tells you to use the “pfx Base64 encoded private key” as a value in the CertificateBase64Encoded parameter.
In Key Vault the Certificate is presented with 3 different identifiers:
- the Certificate;
- the Key;
- the Secret
so which one is “pfx Base64 encoded private key” to be used in CertificateBase64Encoded? And how is to be used? I read in other blogs you need methods System.Convert.
What worked for me was to take the reference to the Certificate Secret in key vault.
#create a reference to the secret identifier of the certificate you have uploaded in KeyVault and just use in the code.Connect-PnPOnline -Url $adminUrl -ClientId $clientID -CertificateBase64Encoded $secret -Tenant $tenantID
Just use the reference to the Secret Identifier and you are good to go. You do not need anything else, no strange conversions to bytes/strings etc.
Previous steps you need to master before even worrying about this one: