-
Notifications
You must be signed in to change notification settings - Fork 162
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Silent Batch Job Certificate Issue #85
Comments
Hello Christian, Great find! The question is where it is better to convert it to a cert. That should probably happen where it is actually used and not in the start script. Can you get it to work if you implement it in the function in the MSALAuthenication.psm1 file instead? I'm happy to approve a PR if you get that to work. Thank you! Cheers! |
Hi Mikael Sure I can change it in MSALAuthenication.psm1 and convert the thumbprint provided to a X509Certificate2. I propose to search in LocalMachine store for a certificate, what do you think? Cheers |
We can start there. Next option would be to check User store if not found in the machine store. Thank you so much! Cheers! |
I've created a PR, which checks both LocalMachine and CurrentUser store |
Closing this since the PR is merged Cheers! |
I tried to setup a CI Pipeline with silent mode and certificate authentication, but was unable to. With secret authentication everything works as desired. After some debugging I've found the following issue:
The method Microsoft.Identity.Client.ConfidentialClientApplicationBuilder WithCertificate expects a value of type X509Certificate2 rather than a string as defined in Start-IntuneManagement.ps1 and CloudAPIPowerShellManagement.psm1 (Source). The method in question is located in MSALAuthentication.psm1
Changing the param type to X509Certificate2 fixed the authentication with certificate for me, I fetch a certificate from LocalMachine store and pass this to the parameter Certificate, like this
If you prefer I can submit a PR with these changes
The text was updated successfully, but these errors were encountered: