一段时间以来,我一直在尝试寻找一种方法来从我们的 Cloud Classic 资源中的证书中检索输出。
我们有一个云管理网关,用于在云服务中存储证书。作为监控的一部分,我想找到一种使用 powershell 提取数据的方法。
有人有这方面的经验吗?还没有找到任何有效的方法。
答案 0 :(得分:1)
如果您想从 Azure 云服务中检索证书,我们可以使用命令 Get-AzureCertificate
例如
在 azure 自动化帐户中创建运行方式帐户
脚本
$ConnectionAssetName = "AzureClassicRunAsConnection"
# Authenticate to Azure with certificate
Write-Verbose "Get connection asset: $ConnectionAssetName" -Verbose
$Conn = Get-AutomationConnection -Name $ConnectionAssetName
if ($Conn -eq $null)
{
throw "Could not retrieve connection asset: $ConnectionAssetName. Assure that this asset exists in the Automation account."
}
$CertificateAssetName = $Conn.CertificateAssetName
Write-Verbose "Getting the certificate: $CertificateAssetName" -Verbose
$AzureCert = Get-AutomationCertificate -Name $CertificateAssetName
if ($AzureCert -eq $null)
{
throw "Could not retrieve certificate asset: $CertificateAssetName. Assure that this asset exists in the Automation account."
}
Write-Verbose "Authenticating to Azure with certificate." -Verbose
Set-AzureSubscription -SubscriptionName $Conn.SubscriptionName -SubscriptionId $Conn.SubscriptionID -Certificate $AzureCert
Select-AzureSubscription -SubscriptionId $Conn.SubscriptionID
$certs=Get-AzureCertificate -ServiceName testcloud05
foreach($cert in $certs){
$result=[System.Security.Cryptography.X509Certificates.X509Certificate2]([System.Convert]::FromBase64String($cert.Data))
$result.Subject
Get-Date $result.NotAfter -Format d
}
$ConnectionAssetName = "AzureClassicRunAsConnection"
# Authenticate to Azure with certificate
Write-Verbose "Get connection asset: $ConnectionAssetName" -Verbose
$Conn = Get-AutomationConnection -Name $ConnectionAssetName
if ($Conn -eq $null)
{
throw "Could not retrieve connection asset: $ConnectionAssetName. Assure that this asset exists in the Automation account."
}
$CertificateAssetName = $Conn.CertificateAssetName
Write-Verbose "Getting the certificate: $CertificateAssetName" -Verbose
$AzureCert = Get-AutomationCertificate -Name $CertificateAssetName
if ($AzureCert -eq $null)
{
throw "Could not retrieve certificate asset: $CertificateAssetName. Assure that this asset exists in the Automation account."
}
Write-Verbose "Authenticating to Azure with certificate." -Verbose
Set-AzureSubscription -SubscriptionName $Conn.SubscriptionName -SubscriptionId $Conn.SubscriptionID -Certificate $AzureCert
Select-AzureSubscription -SubscriptionId $Conn.SubscriptionID
$certs=Get-AzureCertificate -ServiceName "<your cloud service name>"
foreach($cert in $certs){
$result=[System.Security.Cryptography.X509Certificates.X509Certificate2]([System.Convert]::FromBase64String($cert.Data))
$result.Subject
Get-Date $result.NotAfter -Format d
}