Help with credentials cert

[chasquad]

I'm trying to get this PS script ready to run: https://pnp.github.io/script-samples/spo-generate-sp-storage-savings-report/README.html?tabs=pnpps

I noticed that it has recently been updated so that it uses an app/cert for credentials.

I created the app, granted the app permissions, and now I just don't know what to do to fill in the variables for the script:

$UsingCertificate = $true
$clientID = "clientID"
$tenantId = "[tenant].onmicrosoft.com"
$certificatePassword = "pw"
$certificatePath = "C:\Users[you][centname].pfx"

I have the clientID from the app that was created. I also know my tenantid. What I'm having trouble understanding is where the "ceertificatePassword" and the "certificatePath" come from. In Entra, I can see the app and the cert information, but no file to download. I can download the manifest, but that downloads as a .json file.

So my questions are:

1. Where is the certificatepassword? I know the app name, application ID, Client ID, Object ID, Directory ID, Tenant ID, Thumbprint, certificate ID, and Private key.
2. How do I get the cert file? The script is looking for a path to a .pfx file.

Thanks!

[chasquad]

I figured out the cert file issue. Now I have the one that was created on my local computer. I now just need to know what the value for the $certificatePassword" comes from.

[pkbullock]

When creating the certificate, you might have specified a password for the private key, if so that’s what the password will be. Sent from Outlook for iOS<https://aka.ms/o0ukef>

…

________________________________ From: chasquad ***@***.***> Sent: Thursday, August 31, 2023 6:58:35 PM To: pnp/script-samples ***@***.***> Cc: Subscribed ***@***.***> Subject: Re: [pnp/script-samples] Help with credentials cert (Issue #573) I figured out the cert file issue. Now I have the one that was created on my local computer. I now just need to know what the value for the $certificatePassword" comes from. — Reply to this email directly, view it on GitHub<#573 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/ACC7Z4PJHMKIVOJJR5MFMTTXYDGEXANCNFSM6AAAAAA4GI2ZME>. You are receiving this because you are subscribed to this thread.Message ID: ***@***.***>

[kasperbolarsen]

See sample 3 here , https://pnp.github.io/powershell/cmdlets/New-PnPAzureCertificate.html

😁

[chasquad]

I used a PowerShell script to create the app registration, and that created the cert files. The script didn't have anything about a password ... so does that mean that I just leave the $certificatePassword" variable blank?

$result = Register-PnPAzureADApp -ApplicationName "CSPNP1" -Tenant mytenant.onmicrosoft.com -OutPath c:\mycertificates -DeviceLogin
$result

[ValerasNarbutas]

@chasquad you might find this usefull
https://pnp.github.io/script-samples/spo-add-sppkg-ad-app-certificate/README.html?tabs=cli-m365-ps

top part is about creating cert with password