Skip to content

Specify certificate based authentication with cert thumbprint #34

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
BrianTJackett opened this issue Oct 21, 2019 · 5 comments
Closed
Assignees
Labels
enhancement New feature or request P1
Milestone

Comments

@BrianTJackett
Copy link
Contributor

BrianTJackett commented Oct 21, 2019

Suggestion to support specifying the thumbprint of certificate to be used for certificate based authentication. This would be in addition to (or replacing) the option for certificate name. If I'm not mistaken the certificate name could be the same across many different certificates (like a display name) vs. the thumbprint which uniquely identifies the certificate (like an identifier).

Ex. Connect-Graph -ClientId "[clientId]" -TenantId "[tenantId]" -CertificateThumbprint "[certThumbprint]"

@ghost ghost added the ToTriage label Oct 21, 2019
@darrelmiller darrelmiller added this to the OnDeck milestone Nov 1, 2019
@darrelmiller darrelmiller added enhancement New feature or request P1 and removed ToTriage labels Nov 1, 2019
@peombwa peombwa self-assigned this Nov 7, 2019
@peombwa
Copy link
Member

peombwa commented Nov 25, 2019

@darrelmiller, as part of this work, should we expose an optional -CertificatePath parameter to Connect-Graph cmdlet? This will be used for scenarios where a customer would like to use a certificate in a different path other than cert:\CurrentUser\My. The default path will still be cert:\CurrentUser\My when -CertificatePath is not specified.

@darrelmiller
Copy link
Contributor

@peombwa I don't have any objections to that plan, but I do wonder if it is necessary. Have you seen examples of other tools doing something similar?

@peombwa
Copy link
Member

peombwa commented Nov 26, 2019

@darrelmiller, this was in relation to this issue #52 where the customer typically stores their certs in cert:\LocalMachine\My.

Nearly all tools (Azure SDK, AzureAD docs) make the assumption that certs will be stored in cert:\CurrentUser\My. For consistency purposes with other tools, we can maintain the implementation as it is and only use cert:\CurrentUser\My.

@darrelmiller darrelmiller modified the milestones: OnDeck, 0.1.1 Nov 29, 2019
@peombwa
Copy link
Member

peombwa commented Dec 12, 2019

This has been resolved in version 0.1.4.

Install-Module Microsoft.Graph.Beta -RequiredVersion 0.1.4 -Repository GraphPowerShell -Force -AllowClobber

image

@peombwa peombwa closed this as completed Dec 12, 2019
@BrianTJackett
Copy link
Contributor Author

Confirmed this is working as requested in 0.1.4. Thanks so much for getting this released.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request P1
Projects
None yet
Development

No branches or pull requests

3 participants