New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
failed to get certificate URL, retry(0) issue with winrm #4201
Comments
This is the real issue.
The Azure builder did a poor job of making this clear. This is usually caused by setting the wrong ObjectID for your SPN. azure ad sp show --spn <client_id> |
From the logs it looks like you are using 0.11.0.
…On Nov 24, 2016 6:45 AM, "Anton VIshnyakov" ***@***.***> wrote:
While building azure rm images, the following issue arises:
..failed to get certificate URL, retry(0)
Full workflow goes as following:
==> azure-arm: Running builder ...
azure-arm: Creating Azure Resource Manager (ARM) client ...
==> azure-arm: Creating resource group ...
==> azure-arm: -> ResourceGroupName : 'packer-Resource-Group-9c0p55hq20'
==> azure-arm: -> Location : 'West US'
==> azure-arm: -> Tags :
==> azure-arm: Validating deployment template ...
==> azure-arm: -> ResourceGroupName : 'packer-Resource-Group-9c0p55hq20'
==> azure-arm: -> DeploymentName : 'pkrdp9c0p55hq20'
==> azure-arm: Deploying deployment template ...
==> azure-arm: -> ResourceGroupName : 'packer-Resource-Group-9c0p55hq20'
==> azure-arm: -> DeploymentName : 'pkrdp9c0p55hq20'
==> azure-arm: Getting the certificate's URL ...
==> azure-arm: -> Key Vault Name : 'pkrkv9c0p55hq20'
==> azure-arm: -> Key Vault Secret Name : 'packerKeyVaultSecret'
==> azure-arm: ...failed to get certificate URL, retry(0)
- packer --version 0.12.0
- win10 + azure rm
- packer log - https://gist.github.com/avishnyakov/
06443e90b71730ddac977bb5d3d17cb6
<https://gist.github.com/avishnyakov/06443e90b71730ddac977bb5d3d17cb6>
- packer tamples - https://gist.github.com/avishnyakov/
c58061e52ee9015eacc4284b85f27f8c
<https://gist.github.com/avishnyakov/c58061e52ee9015eacc4284b85f27f8c>
Let me know if more info is needed.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#4201>, or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAiCg8tzL88c03YJiB4AF9g0CPQxooGaks5rBSSEgaJpZM4K7TF0>
.
|
Gosh, that might be the key. You are right. Saw that here and there in the posts/docs as well. Let me check.
|
Yep, Object ID is the problem. Got the wrong one, wasn't sure which one to get. So the "Object ID" should be taken from the role assignment. Confirming that all works with packer 0.12.0 As for the following, it does not seem to exist within azure cli on windows, which is a bit weird.
Looks really good now. VM is created, all seems to be fine. Thanks for the help! |
In Powershell Get-AzureRmADServicePrincipal will show all SPN, the name YOU THINK it is is actually the display name. Look for this in the list provided and the objectid will be in the same list. the SPN name is actually a url without the display name in it |
Yes the problem is with wrong Object ID. You will find the right Object ID in RoleAssignments page and not on the Azure AD page where the application is registered. To find the right one, use command line which is fairly straightforward.
Set-AzureRmContext -SubscriptionId "---****-******"
get-AzureRmRoleAssignment |
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further. |
While building azure rm images, the following issue arises:
Full workflow goes as following:
Let me know if more info is needed.
The text was updated successfully, but these errors were encountered: