I'm trying to import certificate to Azure Key Vault through Azure Pipelines task Azure PowerShell
I've entered this inline script there:
$Password = ConvertTo-SecureString -String "$(cert.password)" -AsPlainText -Force
Import-AzureKeyVaultCertificate -VaultName %KVNAME% -Name %NAME% -FilePath $(cert.secureFilePath) -Password $Password
And I'm getting such error: "Key not valid for use in specified state"
Do you have any suggestions on the cause of error?
Key not valid for use in specified state
According to the error information, it seems that your Azure connection string has no permission to do that action.
Please have a try to use the following way to give the permission to the Azure connection string.
Firstly, if we want to access the Azure Resource, we need to config IAM.
Secondly, if we want to import the certificate to Key Vault, access policy also need to added. After that, PowerShell command Import-AzureKeyVaultCertificate should work in the Azure Devops pipeline.
Note: The application Id should be the same with the service principle Id that used for azure connection string.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://i.stack.imgur.com/TsKT8.png', '推荐 老娘就宠你 的文章《Importing certificate to Azure Key Vault: Key not 》','https://www.manongdao.com/article-1440953.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}