I tried to use Client Cert Auth in HTTP action in Flow. But I always got the error either
The authentication certificate is not formatted correctly. Could not load the certificate.
or
Could not load the certificate private key. Please check the authentication certificate password is correct and try again.
I understand I need put Base64 pfx file, but can anybody share how do you create the Client Certificate that Flow will accept? I tried to use makecert.exe and pvk2pfx.exe to create a client certificate, but when copied the pfx file to my flow, it threw me the first error.
Hi @Gaolai,
Could you please share a screenshot of your flow's configuration?
When you use "HTTP" action with Client Certificate authentication, within Pfx field of "HTTP" action, you should type the Base64-encoded contents representation of your PFX file. Within Password field, type the password to access the PFX file.
The parameter format of Client Certificate Authentication as below:
{ "type": "ClientCertificate", "pfx": "aGVsbG8g...d29ybGQ=", "password": "xxx..xxx" }
Please check if you have filled proper value within Pfx field and Password field of "HTTP" action.
More details about the Client Certificate Authentication, please check the following article:
Client Certificate Authentication
Best regards,
Kris
Hi Kris,
Thanks for your reply. This is exactly what we did in our flow. Please refer to the screen shot above. I generated a client cert by using makecert.exe and pvk2pfx.exe, and copied the whole content from the pfx to the flow. But I got the auth cert is not formatted correctly error. I wonder if the way I put the certificate is correct? How come my pfx content does not look like yours?
Thanks,
I did a little more research, pfx is a binary file, not base64 encoded file. So I wonder how to generate a base64 encoded pfx file needed by Flow? I tried using openssl to generate client certificate by following this article, https://blog.didierstevens.com/2008/12/30/howto-make-your-own-cert-with-openssl, but Flow just won't take it.
I am facing the same problem in Flow. I have a base64 encoded version of the certificate where the key is exportable and provided a password but still receive this error message. Any help from Microsoft would be greatly appreicated.
Hi,
Even, we are facing same issue and have asked for help on Microsoft forum as well.. But till now we have not received any response or answer for the same. Please do keep posted if you are able to resolve this.
Thanks & Regards
Kritika Singh
Just a thought, Could you upload the certificate file in somethinglike SharePoint. Then run a get file content action to get the content of the certificate. And then use this content to do what you are trying to do?
Hi,
Did anybody manage to resolve how to get a base64 version of the pfk generated and used successfully in their flow?
Thanks
Hello! What I did is using a Power Shell code to get the string that needs to be used in the Pfx field.
$pfxpgi = Get-Content "C:\WINDOWS\system32\{your-cert}.pfx" -Encoding Byte [System.Convert]::ToBase64String($pfxpgi)
Full description of the solution can be found here in case you'd like to take further look
Hi,
I tried encoding the pfx content of the certificate and I still get the same error.
I get the following details from authentication
Initially, I tried getting the pfx content from Azure Key Vault using get secret action. I used the value field from this action, I tried using Base64 function on the value field and nothing worked for me. So, I replaced it with pfx content directly by setting it in variable called KeyVaultValue which I used inside Base64 function on the above mentioned image.
Thanks!
Hello,
@Gaolaiyour http action does not look right to me.
Should look like this - not a series of characters.
The post operation worked for me. I am now able to request bearer tokens that expire and post / get data from my api while the token is active.
I was also having a little issue with trying to use the pem and key files.
Then I found you need to make a PFX file with openssl, at least that is what I used.
So I made the pfx file with open ssl and uploaded to sharepoint.
Then I got contents and put the contents in the pfx field inside the formula base64('contents')
Works as expected. I would suggest first testing in PostMan to make sure everything is actually working.
get file content
Http returned my access token
Hi! Try using the pfx content directly but without going to the Base64 step. Did that work?
User | Count |
---|---|
93 | |
40 | |
23 | |
20 | |
16 |
User | Count |
---|---|
130 | |
49 | |
46 | |
28 | |
25 |