Question

使用PowerShell更改azure帐户中的CurrentStorageAccountName时出现以下错误：

Set-AzureSubscription : Cannot bind parameter 'Certificate'. Cannot convert value
"0EA9BE03CD1C2E5B93DB176F89C2CC2EF147B96C" to type "System.Security.Cryptography.X509Certificates.X509Certificate2".
Error: "The system cannot find the file specified.

代码是：

Set-AzureSubscription -SubscriptionName Enterprise -Certificate 0EA9BE03CD1C2E5B93DB176F89C2CC2EF147B96C -CurrentStorageAccountName btestps -SubscriptionId XXXXXXXXXXXXXXXXXXXXXXXXXXX

Answer 1

我最近需要这样做，你需要实际获取或构建一个X509Certificate2对象，然后将其传递给-certificate参数。

要通过指纹从本地用户证书存储区使用证书设置证书，您可以：

# open the local user certificate store as read-only 
$store = new-object System.Security.Cryptography.X509Certificates.X509Store([System.Security.Cryptography.X509Certificates.StoreLocation]::CurrentUser)
$store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadOnly)
# get all the certificates in the store
$certs = $store.Certificates;
# restrict the selection to only currently valid certificates
$currentcerts = $certs.Find([System.Security.Cryptography.X509Certificates.X509FindType]::FindByTimeValid, [System.DateTime]::Now, 0)
# get the first certificate by thumbprint, you could also find by distinguished name, subject name, etc 
$signingCert = $currentcerts.Find([System.Security.Cryptography.X509Certificates.X509FindType]::FindByThumbprint,"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",0)[0]
# set the certificate
set-azuresubscription -certificate $signingCert
# open the local user certificate store as read-only 
$store = new-object System.Security.Cryptography.X509Certificates.X509Store([System.Security.Cryptography.X509Certificates.StoreLocation]::CurrentUser)

Answer 2

一些更简单的解决方案是使用它：

$Certificate = Get-Item cert:\\LocalMachine\My\$CertificateThumbprint
Set-AzureSubscription -SubscriptionName Enterprise -Certificate $Certificate

假设证书位于LocalMachine \ My。

中

Set-AzureSubscription：无法绑定参数'Certificate'

2 个答案: