From e2ec6fd7b41d5f114dfd6fb391378aa45e36eabb Mon Sep 17 00:00:00 2001
From: linluliu <linluliu@microsoft.com>
Date: Wed, 3 Aug 2022 22:04:30 -0700
Subject: [PATCH] fix cert upload failure issue

---
 src/containerapp/HISTORY.rst                  |  2 ++
 src/containerapp/azext_containerapp/_utils.py |  5 ++--
 .../latest/test_containerapp_env_commands.py  | 24 +------------------
 3 files changed, 5 insertions(+), 26 deletions(-)

diff --git a/src/containerapp/HISTORY.rst b/src/containerapp/HISTORY.rst
index 03f47f59991..9ca026b9d5d 100644
--- a/src/containerapp/HISTORY.rst
+++ b/src/containerapp/HISTORY.rst
@@ -5,6 +5,8 @@ Release History
 
 0.3.9
 ++++++
+* 'az containerapp env certificate upload': Fix bug where certificate uploading failed with error "Certificate must contain one private key."
+* 'az containerapp env certificate upload': Fix bug where replacing invalid character in certificate name failed"
 
 0.3.8
 ++++++
diff --git a/src/containerapp/azext_containerapp/_utils.py b/src/containerapp/azext_containerapp/_utils.py
index c012f7da845..bb0b57a8165 100644
--- a/src/containerapp/azext_containerapp/_utils.py
+++ b/src/containerapp/azext_containerapp/_utils.py
@@ -1046,7 +1046,7 @@ def generate_randomized_cert_name(thumbprint, prefix, initial="rg"):
     cert_name = "{}-{}-{}-{:04}".format(prefix[:14], initial[:14], thumbprint[:4].lower(), randint(0, 9999))
     for c in cert_name:
         if not (c.isalnum() or c == '-' or c == '.'):
-            cert_name.replace(c, '-')
+            cert_name = cert_name.replace(c, '-')
     return cert_name.lower()
 
 
@@ -1307,8 +1307,7 @@ def load_cert_file(file_path, cert_password=None):
                 x509 = p12.get_certificate()
                 digest_algorithm = 'sha256'
                 thumbprint = x509.digest(digest_algorithm).decode("utf-8").replace(':', '')
-                pem_data = crypto.dump_certificate(crypto.FILETYPE_PEM, x509)
-                blob = b64encode(pem_data).decode("utf-8")
+                blob = b64encode(cert_data).decode("utf-8")
             else:
                 raise FileOperationError('Not a valid file type. Only .PFX and .PEM files are supported.')
     except Exception as e:
diff --git a/src/containerapp/azext_containerapp/tests/latest/test_containerapp_env_commands.py b/src/containerapp/azext_containerapp/tests/latest/test_containerapp_env_commands.py
index 5fafa7ebc93..e6f8914c65e 100644
--- a/src/containerapp/azext_containerapp/tests/latest/test_containerapp_env_commands.py
+++ b/src/containerapp/azext_containerapp/tests/latest/test_containerapp_env_commands.py
@@ -158,21 +158,8 @@ def test_containerapp_env_certificate_e2e(self, resource_group):
             JMESPathCheck('length(@)', 0),
         ])
 
-        # test pem file without password
-        pem_file = os.path.join(TEST_DIR, 'cert.pem')
-        cert_2 = self.cmd('containerapp env certificate upload -g {} -n {} --certificate-file "{}"'.format(resource_group, env_name, pem_file), checks=[
-            JMESPathCheck('type', "Microsoft.App/managedEnvironments/certificates"),
-        ]).get_output_in_json()
-        cert_name_2 = cert_2["name"]
-        cert_id_2 = cert_2["id"]
-        cert_thumbprint_2 = cert_2["properties"]["thumbprint"]
-
         # list certs with a wrong location
-        self.cmd('containerapp env certificate upload -g {} -n {} --certificate-file "{}" -l "{}"'.format(resource_group, env_name, pem_file, "eastus2"), expect_failure=True)
-
-        self.cmd('containerapp env certificate list -n {} -g {}'.format(env_name, resource_group), checks=[
-            JMESPathCheck('length(@)', 2),
-        ])
+        self.cmd('containerapp env certificate upload -g {} -n {} --certificate-file "{}" -l "{}"'.format(resource_group, env_name, pfx_file, "eastus2"), expect_failure=True)
 
         self.cmd('containerapp env certificate list -n {} -g {} --certificate {}'.format(env_name, resource_group, cert_name), checks=[
             JMESPathCheck('length(@)', 1),
@@ -197,15 +184,6 @@ def test_containerapp_env_certificate_e2e(self, resource_group):
 
         self.cmd('containerapp env certificate delete -n {} -g {} --thumbprint {} -l {} --yes'.format(env_name, resource_group, cert_thumbprint, cert_location))
 
-        self.cmd('containerapp env certificate list -n {} -g {} --certificate {}'.format(env_name, resource_group, cert_id_2), checks=[
-            JMESPathCheck('length(@)', 1),
-            JMESPathCheck('[0].name', cert_name_2),
-            JMESPathCheck('[0].id', cert_id_2),
-            JMESPathCheck('[0].properties.thumbprint', cert_thumbprint_2),
-        ])
-
-        self.cmd('containerapp env certificate delete -n {} -g {} --certificate {} --yes'.format(env_name, resource_group, cert_name_2))
-
         self.cmd('containerapp env certificate list -g {} -n {}'.format(resource_group, env_name), checks=[
             JMESPathCheck('length(@)', 0),
         ])