使用证书在azure中创建服务主体

时间:2017-10-04 04:13:35

标签: azure azure-active-directory

我正在尝试关注azure documetation来创建sp: https://docs.microsoft.com/en-us/azure/azure-resource-manager/resource-group-authenticate-service-principal-cli

以下步骤使用证书方法直到此处并执行此命令时遇到错误: azure ad sp create -n exampleapp --cert-value {certificate data}

> rawStack: [Getter] } Error   <<< async stack >>>   at __1
> (/usr/local/lib/node_modules/azure-cli/lib/commands/arm/ad/ad.servicePrincipals.js:174:41)   at __3
> (/usr/local/lib/node_modules/azure-cli/lib/commands/arm/ad/ad.servicePrincipals.js:172:30)   <<< raw stack >>>
>     at /usr/local/lib/node_modules/azure-cli/node_modules/azure-graph/lib/operations/servicePrincipals.js:128:19
>     at retryCallback (/usr/local/lib/node_modules/azure-cli/node_modules/ms-rest/lib/filters/systemErrorRetryPolicyFilter.js:89:9)
>     at retryCallback (/usr/local/lib/node_modules/azure-cli/node_modules/ms-rest/lib/filters/exponentialRetryPolicyFilter.js:140:9)
>     at handleRedirect (/usr/local/lib/node_modules/azure-cli/node_modules/ms-rest/lib/filters/redirectFilter.js:39:9)
>     at /usr/local/lib/node_modules/azure-cli/node_modules/ms-rest-azure/lib/filters/rpRegistrationFilter.js:59:14
>     at /usr/local/lib/node_modules/azure-cli/lib/util/utils.js:613:7
>     at handleRedirect (/usr/local/lib/node_modules/azure-cli/lib/util/utils.js:590:9)
>     at /usr/local/lib/node_modules/azure-cli/lib/util/logging.js:331:7
>     at Request._callback (/usr/local/lib/node_modules/azure-cli/node_modules/ms-rest/lib/requestPipeline.js:125:16)
>     at Request.self.callback (/usr/local/lib/node_modules/azure-cli/node_modules/request/request.js:187:22)

1 个答案:

答案 0 :(得分:1)

目前,Azure有 CLI 1.0 CLI 2.0

CLI 1.0命令如下:azure ad sp

CLI 2.0命令如下:az ad sp

我们可以使用此命令进行检查:azure --versionaz --version

如果安装CLI 2.0,我们可以使用此命令创建SP:

az ad sp create-for-rbac --name {appId} --password "{strong password}" 

有关使用CLI 2.0创建SP的更多信息,请参阅此article

<强>更新

如果您想使用CLI 1.0创建SP,--cert-value代表 base 64编码证书。

我们可以使用PowerShell对其进行编码,请参阅此link