Authenticate with application id using Certificated-based Authentication #2122

Closed
0B7002 opened this issue Aug 16, 2024 · 1 comment
Labels
status:waiting-for-triage An issue that is yet to be reviewed or assigned

0B7002 commented Aug 16, 2024

I registered the app on the Microsoft Entra admin center by referring to this page:

https://learn.microsoft.com/en-us/graph/auth-v2-service?tabs=http

Then I created a public/private key pair using openssl. Here are the commands.

$ openssl genrsa -out ms365-private.key 2048
$ openssl req -new -x509 -key ms365-private.key -out ms365-public.crt -days 365000

Uploaded the public key (ms365-private.key) on the Microsoft Entra admin center, and I created this code.

TokenCredential credential = new ClientCertificateCredentialBuilder().tenantId("xxxxxxxx")
		.clientId("xxxxxxxx")
		.pemCertificate("/xxxx/xxxxx/ms365-private.key")
		.build();
graphClient = new GraphServiceClient(credential);

But if I execute some methods on this graphClient, the following error occurs:

[ERROR] com.azure.identity.implementation.util.CertificateUtil.performLogging - PEM certificate provided does not contain -----BEGIN CERTIFICATE-----END CERTIFICATE----- block 
java.lang.IllegalArgumentException: PEM certificate provided does not contain -----BEGIN CERTIFICATE-----END CERTIFICATE----- block
    at com.azure.identity.implementation.util.CertificateUtil.publicKeyFromPem(CertificateUtil.java:79)
    at com.azure.identity.implementation.IdentityClientBase.getConfidentialClient(IdentityClientBase.java:196)
    at com.azure.identity.implementation.IdentitySyncClient.lambda$new$2(IdentitySyncClient.java:91)
    at com.azure.identity.implementation.SynchronousAccessor.getValue(SynchronousAccessor.java:45)
    at com.azure.identity.implementation.IdentitySyncClient.authenticateWithConfidentialClientCache(IdentitySyncClient.java:171)
    at com.azure.identity.ClientCertificateCredential.getTokenSync(ClientCertificateCredential.java:150)
    at com.microsoft.kiota.authentication.AzureIdentityAccessTokenProvider.getAuthorizationToken(AzureIdentityAccessTokenProvider.java:146)
    at com.microsoft.kiota.authentication.BaseBearerTokenAuthenticationProvider.authenticateRequest(BaseBearerTokenAuthenticationProvider.java:46)

I tried the following but all failed.

  • Change the path specified to pemCertificate() from the private key (ms365-private.key) to the public key (ms365-public.crt)
  • Change the format of the private key (ms365-private.key) to pem format (contains -----BEGIN CERTIFICATE-----END CERTIFICATE----- block)

Please help.

@0B7002 0B7002 added the status:waiting-for-triage An issue that is yet to be reviewed or assigned label Aug 16, 2024
Ndiritu (Contributor) commented Aug 19, 2024

duplicate of #2075

@Ndiritu Ndiritu closed this as completed Aug 19, 2024
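
An added example, not part of the original issue or the SDK's own code: a shell preflight that reports which PEM blocks a file contains, which is what the `does not contain -----BEGIN CERTIFICATE-----` error in the report is about. It assumes the credential expects the certificate and its private key in the same PEM file; the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Preflight check for a PEM file before passing its path to pemCertificate().
# Assumption: the credential needs the certificate AND its private key in one file.

# Print the label of every "-----BEGIN <label>-----" line in the file.
pem_labels() {
    sed -n 's/^-----BEGIN \(.*\)-----[[:space:]]*$/\1/p' "$1"
}

# Classify a PEM file as: cert+key, cert-only, key-only, or none.
classify_pem() {
    labels=$(pem_labels "$1")
    has_cert=no
    has_key=no
    # Read line by line: labels such as "RSA PRIVATE KEY" contain spaces.
    while IFS= read -r label; do
        case "$label" in
            CERTIFICATE)     has_cert=yes ;;
            *"PRIVATE KEY")  has_key=yes ;;
        esac
    done <<EOF
$labels
EOF
    case "$has_cert/$has_key" in
        yes/yes) echo "cert+key" ;;
        yes/no)  echo "cert-only" ;;
        no/yes)  echo "key-only" ;;
        *)       echo "none" ;;
    esac
}

# Constructed sample files: placeholder bodies, not real key material.
make_samples() {
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'Q09OU1RSVUNURUQ=' \
        '-----END RSA PRIVATE KEY-----' > "$1/key-only.pem"
    printf '%s\n' '-----BEGIN CERTIFICATE-----' 'Q09OU1RSVUNURUQ=' \
        '-----END CERTIFICATE-----' > "$1/cert-only.pem"
    cat "$1/cert-only.pem" "$1/key-only.pem" > "$1/combined.pem"
}

demo_dir=$(mktemp -d)
make_samples "$demo_dir"
for f in key-only cert-only combined; do
    printf '%-14s -> %s\n' "$f.pem" "$(classify_pem "$demo_dir/$f.pem")"
done
rm -rf "$demo_dir"
```

A `key-only` result corresponds to a file like the one `openssl genrsa` writes, which has no `CERTIFICATE` block for the credential to find.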