Allow Import-AzWebAppKeyVaultCertificate to specify a certificate name or use the same standard as Azure CLI az webapp config ssl import #17347
Description
Description
When using the Import-AzWebAppKeyVaultCertificate, the Microsoft.Web\Certificates created use the name standard "Keyvalt-Secret" to import the certificate.
In case there are multiple App Service Plans from different webspace on the same RG, the 1st import will work fine and can be used by the App Service Plan. Now, if you run the same import to another ASP that is on a different Webspace, it will be understood as an update of the 1st certificate and the App Service Plan won't be able to consume the certificate.
Azure CLI (az webapp config ssl import) imports with the standard "webspace+KeyVaultName+CertName" and that way it is difficult to conflict with the same name.
Please use the same standard or allow to create it's own name
Issue script & Debug output
N/AEnvironment data
$PSVErsionTable
Name Value
---- -----
PSVersion 7.2.1
PSEdition Core
GitCommitId 7.2.1
OS Linux 5.4.0-1070-azure #73~18.04.1-Ubuntu SMP Wed Feb 9 15:36:45 UTC 2022
Platform Unix
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
WSManStackVersion 3.0Module versions
get-module az*
ModuleType Version PreRelease Name ExportedCommands
---------- ------- ---------- ---- ----------------
Script 2.7.3 Az.Accounts {Add-AzEnvironment, Clear-AzContext, Clear-AzDefault, Connect-AzAccount…}
Script 4.24.0 Az.Compute {Add-AzImageDataDisk, Add-AzVhd, Add-AzVMAdditionalUnattendContent, Add-AzVMDataDisk…}
Script 4.15.0 Az.Network {Add-AzApplicationGatewayAuthenticationCertificate, Add-AzApplicationGatewayBackendAddressPool, Add-AzApplicationGatewayBackendHttpSetting, Add-AzApplicationGatewayCustomError…}
Script 5.4.0 Az.Resources {Export-AzResourceGroup, Export-AzTemplateSpec, Get-AzDenyAssignment, Get-AzDeployment…}
Script 4.3.0 Az.Storage {Add-AzRmStorageContainerLegalHold, Add-AzStorageAccountManagementPolicyAction, Add-AzStorageAccountNetworkRule, Close-AzStorageFileHandle…}
Script 2.10.0 Az.Websites {Add-AzWebAppAccessRestrictionRule, Add-AzWebAppTrafficRouting, Edit-AzWebAppBackupConfiguration, Enter-AzWebAppContainerPSSession…}
Script 0.0.0.10 AzureAD.Standard.Preview {Add-AzureADApplicationOwner, Add-AzureADDeviceRegisteredOwner, Add-AzureADDeviceRegisteredUser, Add-AzureADDirectoryRoleMember…}
Script 0.9.3 AzurePSDriveError output
Resolve-AzError
WARNING: Upcoming breaking changes in the cmdlet 'Resolve-AzError' :
The `Resolve-Error` alias will be removed in a future release. Please change any scripts that use this alias to use `Resolve-AzError` instead.
Note : Go to https://aka.ms/azps-changewarnings for steps to suppress this breaking change warning, and other information on breaking changes in Azure PowerShell.
HistoryId: 7
Message : The term 'clip' is not recognized as a name of a cmdlet, function, script file, or executable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
StackTrace : at System.Management.Automation.CommandDiscovery.LookupCommandInfo(String commandName, CommandTypes commandTypes, SearchResolutionOptions searchResolutionOptions, CommandOrigin commandOrigin, ExecutionContext context)
at System.Management.Automation.CommandDiscovery.LookupCommandInfo(String commandName, CommandOrigin commandOrigin, ExecutionContext context)
at System.Management.Automation.CommandDiscovery.LookupCommandInfo(String commandName, CommandOrigin commandOrigin)
at System.Management.Automation.CommandDiscovery.LookupCommandProcessor(String commandName, CommandOrigin commandOrigin, Nullable`1 useLocalScope)
at System.Management.Automation.ExecutionContext.CreateCommand(String command, Boolean dotSource)
at System.Management.Automation.PipelineOps.AddCommand(PipelineProcessor pipe, CommandParameterInternal[] commandElements, CommandBaseAst commandBaseAst, CommandRedirection[] redirections, ExecutionContext context)
at System.Management.Automation.PipelineOps.InvokePipeline(Object input, Boolean ignoreInput, CommandParameterInternal[][] pipeElements, CommandBaseAst[] pipeElementAsts, CommandRedirection[][] commandRedirections, FunctionContext funcContext)
at System.Management.Automation.Interpreter.ActionCallInstruction`6.Run(InterpretedFrame frame)
at System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame frame)
Exception : System.Management.Automation.CommandNotFoundException
InvocationInfo : {}
Line : get-module az* |clip
Position : At line:1 char:17
+ get-module az* |clip
+ ~~~~
HistoryId : 7
HistoryId: 4
Message : Operation returned an invalid status code 'NotFound'
StackTrace : at Microsoft.Azure.Commands.WebApps.Cmdlets.WebApps.ImportAzWebAppKeyVaultCertificate.ExecuteCmdlet()
at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.<>c__3`1.<ExecuteSynchronouslyOrAsJob>b__3_0(T c)
at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet, Action`1 executor)
at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet)
at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord()
Exception : Microsoft.Azure.Management.WebSites.Models.DefaultErrorResponseException
InvocationInfo : {Import-AzWebAppKeyVaultCertificate}
Line : Import-AzWebAppKeyVaultCertificate -KeyVaultName KeyVaultEduaralm4 -CertName edu -ResourceGroupName NodeApp -WebAppName eduaralmnode
Position : At line:1 char:1
+ Import-AzWebAppKeyVaultCertificate -KeyVaultName KeyVaultEduaralm4 -C …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
HistoryId : 4
HistoryId: 3
Message : Operation returned an invalid status code 'NotFound'
StackTrace : at Microsoft.Azure.Commands.WebApps.Cmdlets.WebApps.ImportAzWebAppKeyVaultCertificate.ExecuteCmdlet()
at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.<>c__3`1.<ExecuteSynchronouslyOrAsJob>b__3_0(T c)
at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet, Action`1 executor)
at Microsoft.WindowsAzure.Commands.Utilities.Common.CmdletExtensions.ExecuteSynchronouslyOrAsJob[T](T cmdlet)
at Microsoft.WindowsAzure.Commands.Utilities.Common.AzurePSCmdlet.ProcessRecord()
Exception : Microsoft.Azure.Management.WebSites.Models.DefaultErrorResponseException
InvocationInfo : {Import-AzWebAppKeyVaultCertificate}
Line : Import-AzWebAppKeyVaultCertificate -KeyVaultName KeyVaultEduaralm4 -CertName edu -ResourceGroupName NodeApp -WebAppName eduaralmnode
Position : At line:1 char:1
+ Import-AzWebAppKeyVaultCertificate -KeyVaultName KeyVaultEduaralm4 -C …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
HistoryId : 3
The Azure PowerShell team is listening, please let us know how we are doing: https://aka.ms/azpssurvey?Q_CHL=ERROR.