cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Gaolai
Advocate I
Advocate I

How to use client certificate auth in HTTP action in Flow

I tried to use Client Cert Auth in HTTP action in Flow. But I always got the error either 

The authentication certificate is not formatted correctly. Could not load the certificate.

or 

Could not load the certificate private key. Please check the authentication certificate password is correct and try again.

 

I understand I need put Base64 pfx file, but can anybody share how do you create the Client Certificate that Flow will accept? I tried to use makecert.exe and pvk2pfx.exe to create a client certificate, but when copied the pfx file to my flow, it threw me the first error.

16 REPLIES 16
v-xida-msft
Community Support
Community Support

Hi @Gaolai,

 

Could you please share a screenshot of your flow's configuration?

 

When you use "HTTP" action with Client Certificate authentication, within Pfx field of "HTTP" action, you should type the Base64-encoded contents representation of your PFX file. Within Password field, type the password to access the PFX file.28.JPG

The parameter format of Client Certificate Authentication as below:

{
    "type": "ClientCertificate",
    "pfx": "aGVsbG8g...d29ybGQ=",
    "password": "xxx..xxx"
}

 

Please check if you have filled proper value within Pfx field and Password field of "HTTP" action.

 

More details about the Client Certificate Authentication, please check the following article:

Client Certificate Authentication

 

Best regards,

Kris

Community Support Team _ Kris Dai
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.

Capture.PNG

 

Hi Kris,

 

Thanks for your reply. This is exactly what we did in our flow. Please refer to the screen shot above. I generated a client cert by using  makecert.exe and pvk2pfx.exe, and copied the whole content from the pfx to the flow. But I got the auth cert is not formatted correctly error. I wonder if the way I put the certificate is correct? How come my pfx content does not look like yours?

 

Thanks,

 

I did a little more research, pfx is a binary file, not base64 encoded file. So I wonder how to generate a base64 encoded pfx file needed by Flow? I tried using openssl to generate client certificate by following this article, https://blog.didierstevens.com/2008/12/30/howto-make-your-own-cert-with-openssl, but Flow just won't take it.

 

kpemberton
New Member

I am facing the same problem in Flow.  I have a base64 encoded version of the certificate where the key is exportable and provided a password but still receive this error message.  Any help from Microsoft would be greatly appreicated.

Anonymous
Not applicable

Hi,

 

Even, we are facing same issue and have asked for help on Microsoft forum as well.. But till now we have not received any response or answer for the same. Please do keep posted if you are able to resolve this.

 

Thanks & Regards

Kritika Singh

Just a thought, Could you upload the certificate file in somethinglike SharePoint. Then run a get file content action to get the content of the certificate. And then use this content to do what you are trying to do?

MartinHutchcpa
Helper III
Helper III

Hi,

Did anybody manage to resolve how to get a base64 version of the pfk generated and used successfully in their flow?

 

Thanks

mgrachii
Resolver II
Resolver II

Hello! What I did is using a Power Shell code to get the string that needs to be used in the Pfx field.

 

$pfxpgi = Get-Content "C:\WINDOWS\system32\{your-cert}.pfx" -Encoding Byte
[System.Convert]::ToBase64String($pfxpgi)


Full description of the solution can be found here in case you'd like to take further look

 

https://powergi.net/2021/03/31/active-directory-oauth-in-power-automate-how-to-set-up-certificate-cr...

Hi,

 

I tried encoding the pfx content of the certificate and I still get the same error.

 

AmaliyaMohan_0-1624391827633.png

 

I get the following details from authentication

 

AmaliyaMohan_1-1624391916999.png

Initially, I tried getting the pfx content from Azure Key Vault using get secret action. I used the value field from this action, I tried using Base64 function on the value field and nothing worked for me. So, I replaced it with pfx content directly by setting it in variable called KeyVaultValue which I used inside Base64 function on the above mentioned image.

 

 

 

Thanks!

juresti
Continued Contributor
Continued Contributor

Hello,

 

@Gaolaiyour http action does not look right to me.

Should look like this - not a series of characters.

 

04.PNG

 

The post operation worked for me. I am now able to request bearer tokens that expire and post / get data from my api while the token is active.

 

I was also having a little issue with trying to use the pem and key files.

 

Then I found you need to make a PFX file with openssl, at least that is what I used.

 

So I made the pfx file with open ssl and uploaded to sharepoint.

 

Then I got contents and put the contents in the pfx field inside the formula base64('contents')

 

Works as expected. I would suggest first testing in PostMan to make sure everything is actually working.

 

01.PNG

 

get file content

02.PNG

 

Http returned my access token

03.PNG

Hi! Try using the pfx content directly but without going to the Base64 step. Did that work?

Assaf_Semoun
New Member

Hi, I work with that.

you need to convert the pfx file to base64 - but not in Power Automate fx base64().

 

I worked online with https://www.browserling.com/tools/file-to-base64.

Assaf_Semoun
New Member

Hi, convert the pfx file in third-party software.

I used https://www.browserling.com/tools/file-to-base64.

 

the base64 function on Power Automate not doing it well.

 

than, put the result in Http Pfx field.

 

Thanks,

Assaf.

Operator4689
New Member

Guys.  😵MAKE SURE YOU HAVE A PREMIUM SUBSCRIPTION(!) 🤕  In my case this was the problem.

 

You do not need to upload the .pfx file to SharePoint.  That's not a secure solution anyhow.

 

You do not need to resort to unsecure third party tools for Base64 encoding of you .pfx file.  That is a DUMB way.  Don't do that!

 

DO THIS:

 

  1. Generate your .pfx file from your .key and .pem.  I used openssl to do this.
  2. Get the Base64 encoding via Powershell (I had to use the older version 5 but it works):
    • $pfxpgi = Get-Content "path\to\your\file.pfx" -Encoding Byte
    • [System.Convert]::ToBase64String($pfxpgi)
  3. Copy/pasta this massive string straight into the Pfx field

From there you just need to tinker with it.  I got mine working after I realized it was a paywall issue!! 

Operator4689
New Member

Guys. 😵  MAKE SURE YOU HAVE A PREMIUM SUBSCRIPTION(!) 🤕 In my case this was the problem. 💸

 

You do not need to upload the .pfx file to SharePoint.  That's not a secure solution anyhow.

 

You do not need to resort to unsecure third party tools for Base64 encoding of your .pfx file.  That is a DUMB way.  Don't do that!

 

DO THIS:

 

  1. Generate your .pfx file from your .key and .pem.  I used openssl to do this.
  2. Get the Base64 encoding via Powershell (I had to use the older version 5 but it works):
    • $pfxpgi = Get-Content "path\to\your\file.pfx" -Encoding Byte
    • [System.Convert]::ToBase64String($pfxpgi)
  3. Copy/pasta this massive string straight into the Pfx field

From there you just need to tinker with it.  I got mine working after I realized it was a paywall issue!! 😓

shawnwang
Employee
Employee

Just got this work and it is actually pretty much the same as using Client Secret. 

 

Step 1. add a Azure Key Vault step - Get Secret - enter the Certificate Name as the customer value here. 

Yes. the Name of the secret == Certificate Name.

shawnwang_0-1716315377738.png

 

Step 2. in your HTTP step, 

- PFX: Value of the secret from above step

- Password: 

 

base64('')

 

 

shawnwang_1-1716315442458.png

 

Done! and it works!

shawnwang_2-1716315561999.png

 

Please make this as the solution if your test succeeds.

Helpful resources

Announcements

Celebrating the June Super User of the Month: Markus Franz

Markus Franz is a phenomenal contributor to the Power Apps Community. Super Users like Markus inspire others through their example, encouragement, and active participation.    The Why: "I do this to help others achieve what they are trying to do. As a total beginner back then without IT background I know how overwhelming things can be, so I decided to jump in and help others. I also do this to keep progressing and learning myself." Thank you, Markus Franz, for your outstanding work! Keep inspiring others and making a difference in the community! 🎉  Keep up the fantastic work! 👏👏 Markus Franz | LinkedIn  Power Apps: mmbr1606  

Copilot Cookbook Challenge | Week 1 Results | Win Tickets to the Power Platform Conference

We are excited to announce the "The Copilot Cookbook Community Challenge is a great way to showcase your creativity and connect with others. Plus, you could win tickets to the Power Platform Community Conference in Las Vegas in September 2024 as an amazing bonus.   Two ways to enter: 1. Copilot Studio Cookbook Gallery:  https://aka.ms/CS_Copilot_Cookbook_Challenge 2. Power Apps Copilot Cookbook Gallery: https://aka.ms/PA_Copilot_Cookbook_Challenge   There will be 5 chances to qualify for the final drawing: Early Bird Entries: March 1 - June 2Week 1: June 3 - June 9Week 2: June 10 - June 16Week 3: June 17 - June 23Week 4: June 24 - June 30     At the end of each week, we will draw 5 random names from every user who has posted a qualifying Copilot Studio template, sample or demo in the Copilot Studio Cookbook or a qualifying Power Apps Copilot sample or demo in the Power Apps Copilot Cookbook. Users who are not drawn in a given week will be added to the pool for the next week. Users can qualify more than once, but no more than once per week. Four winners will be drawn at random from the total qualifying entrants. If a winner declines, we will draw again at random for the next winner.  A user will only be able to win once. If they are drawn multiple times, another user will be drawn at random. Prizes:  One Pass to the Power Platform Conference in Las Vegas, Sep. 18-20, 2024 ($1800 value, does not include travel, lodging, or any other expenses) Winners are also eligible to do a 10-minute presentation of their demo or solution in a community solutions showcase at the event. To qualify for the drawing, templates, samples or demos must be related to Copilot Studio or a Copilot feature of Power Apps, Power Automate, or Power Pages, and must demonstrate or solve a complete unique and useful business or technical problem. Power Automate and Power Pagers posts should be added to the Power Apps Cookbook. Final determination of qualifying entries is at the sole discretion of Microsoft. Weekly updates and the Final random winners will be posted in the News & Announcements section in the communities on July 29th, 2024. Did you submit entries early?  Early Bird Entries March 1 - June 2:  If you posted something in the "early bird" time frame complete this form: https://aka.ms/Copilot_Challenge_EarlyBirds if you would like to be entered in the challenge.   Week 1 Results:  Congratulations to the Week 1 qualifiers, you are being entered in the random drawing that will take place at the end of the challenge. Copilot Cookbook Gallery:Power Apps Cookbook Gallery:1.  @Mathieu_Paris 1.   @SpongYe 2.  @Dhanush 2.   @Deenuji 3.  n/a3.   @Nived_Nambiar  4.  n/a4.   @ManishSolanki 5.  n/a5.    n/a

Your Moment to Shine: 2024 PPCC’s Got Power Awards Show

For the third year, we invite you, our talented community members, to participate in the grand 2024 Power Platform Community Conference's Got Power Awards. This event is your opportunity to showcase solutions that make a significant business impact, highlight extensive use of Power Platform products, demonstrate good governance, or tell an inspirational story. Share your success stories, inspire your peers, and show off some hidden talents.  This is your time to shine and bring your creations into the spotlight!  Make your mark, inspire others and leave a lasting impression. Sign up today for a chance to showcase your solution and win the coveted 2024 PPCC’s Got Power Award. This year we have three categories for you to participate in: Technical Solution Demo, Storytelling, and Hidden Talent.      The Technical solution demo category showcases your applications, automated workflows, copilot agentic experiences, web pages, AI capabilities, dashboards, and/or more. We want to see your most impactful Power Platform solutions!  The Storytelling category is where you can share your inspiring story, and the Hidden Talent category is where your talents (such as singing, dancing, jump roping, etc.) can shine! Submission Details:  Fill out the submission form https://aka.ms/PPCCGotPowerSignup by July 12th with details and a 2–5-minute video showcasing your Solution impact. (Please let us know you're coming to PPCC, too!)After review by a panel of Microsoft judges, the top storytellers will be invited to present a virtual demo presentation to the judges during early August. You’ll be notified soon after if you have been selected as a finalist to share your story live at PPCC’s Got Power!  The live show will feature the solution demos and storytelling talents of the top contestants, winner announcements, and the opportunity to network with your community.  It's not just a showcase for technical talent and storytelling showmanship, show it's a golden opportunity to make connections and celebrate our Community together! Let's make this a memorable event! See you there!   Mark your calendars! Date and Time: Thursday, Sept 19th Location: PPCC24 at the MGM Grand, Las Vegas, NV 

Tuesday Tip | Accepting Solutions

It's time for another TUESDAY TIPS, your weekly connection with the most insightful tips and tricks that empower both newcomers and veterans in the Power Platform Community! Every Tuesday, we bring you a curated selection of the finest advice, distilled from the resources and tools in the Community. Whether you’re a seasoned member or just getting started, Tuesday Tips are the perfect compass guiding you across the dynamic landscape of the Power Platform Community.   To enhance our collaborative environment, it's important to acknowledge when your question has been answered satisfactorily. Here's a quick guide on how to accept a solution to your questions: Find the Helpful Reply: Navigate to the reply that has effectively answered your question.Accept as Solution: Look for the "Accept as Solution" button or link, usually located at the bottom of the reply.Confirm Your Selection: Clicking this button may prompt you for confirmation. Go ahead and confirm that this is indeed the solution.Acknowledgment: Once accepted, the reply will be highlighted, and the original post will be marked as "Solved". This helps other community members find the same solution quickly. By marking a reply as an accepted solution, you not only thank the person who helped you but also make it easier for others with similar questions to find answers. Let's continue to support each other by recognizing helpful contributions. 

Reminder: To register for the Community Ambassador Call on June 13th

Calling all Super Users & User Group Leaders   Reminder: To register for the Community Ambassador Call on June 13th—for an exclusive event for User Group Leaders and Super Users! This month is packed with exciting updates and activities within our community.   What's Happening: Community Updates: We'll share the latest developments and what's new in our vibrant community.Special Guest Speaker: Get ready for an insightful talk and live demo of Microsoft Copilot Studio templates by our special guest.Regular Updates: Stay informed with our routine updates for User Groups and Super Users.Community Insights: We'll provide general information about ongoing and upcoming community initiatives. Don't Miss Out: Register Now: Choose the session that fits your schedule best.Check your private messages or Super User Forum for registration links. We're excited to connect with you and continue building a stronger community together.   See you at the call!  

May 2024 Community Newsletter

It's time for the May Community Newsletter, where we highlight the latest news, product releases, upcoming events, and the amazing work of our outstanding Community members.   If you're new to the Community, please make sure to follow the latest News & Announcements and check out the Community on LinkedIn as well! It's the best way to stay up-to-date with all the news from across Microsoft Power Platform and beyond.        COMMUNITY HIGHLIGHTS Check out the most active community members of the last month! These hardworking members are posting regularly, answering questions, kudos, and providing top solutions in their communities. We are so thankful for each of you--keep up the great work! If you hope to see your name here next month, follow these awesome community members to see what they do!   Power AppsPower AutomateCopilot StudioPower PagesWarrenBelzcreativeopinionExpiscornovusFubarAmikNived_NambiarPstork1OliverRodriguesmmbr1606ManishSolankiMattJimisonragavanrajantimlSudeepGhatakNZrenatoromaoLucas001iAm_ManCatAlexEncodianfernandosilvaOOlashynJmanriqueriosChriddle  BCBuizerExpiscornovus  a33ikBCBuizer  SebSDavid_MA  dpoggermannPstork1     LATEST NEWS   We saw a whole host of amazing announcements at this year's #MSBuild, so we thought we'd share with you a bite sized breakdown of the big news via blogs from Charles Lamanna, Sangya Singh, Ryan Cunningham, Kim Manis, Nirav Shah, Omar Aftab, and ✊🏾Justin Graham :   New ways of development with copilots and Microsoft Power PlatformRevolutionize the way you work with Automation and AIPower Apps is making it easier for developers to build with Microsoft Copilot and each otherCopilot in Microsoft Fabric is now generally available in Power BIUnlock new levels of productivity with Microsoft Dataverse and Microsoft Copilot StudioMicrosoft Copilot Studio: Building copilots with agent capabilitiesMicrosoft Power Pages is bringing the new standard in secure, AI-powered capabilities   If you'd like to relive some of the highlights from Microsoft Build 2024, click the image below to watch a great selection of on-demand Keynotes and sessions!         WorkLab Podcast with Charles Lamanna   Check out the latest episode of the WorkLab podcast with CVP of Business Apps and Platforms at Microsoft, Charles Lamanna, as he explains the ever-expanding evolution of Copilot, and how AI is offering new opportunities for business leaders. Grab yourself a coffee and click the image below to take a listen.       Event Recap: European Collaboration and Cloud Summits 2024   Click the image below to read a great recap by Mark Kashman about the recent European Collaboration Summit and European Cloud Summit held in Germany during May 2024. Great work everybody!       UPCOMING EVENTS European Power Platform Conference - SOLD OUT! Congrats to everyone who managed to grab a ticket for the now SOLD OUT European Power Platform Conference, which takes place in beautiful Brussels, Belgium, on 11-13th June. With a great keynote planned from Ryan Cunningham and Sangya Singh, plus expert sessions from the likes of Aaron Rendell, Amira Beldjilali, Andrew Bibby, Angeliki Patsiavou, Ben den Blanken, Cathrine Bruvold, Charles Sexton, Chloé Moreau, Chris Huntingford, Claire Edgson, Damien Bird, Emma-Claire Shaw, Gilles Pommier, Guro Faller, Henry Jammes, Hugo Bernier, Ilya Fainberg, Karen Maes, Lindsay Shelton, Mats Necker, Negar Shahbaz, Nick Doelman, Paulien Buskens, Sara Lagerquist, Tricia Sinclair, Ulrikke Akerbæk, and many more, it looks like the E in #EPPC24 stands for Epic!   Click the image below for a full run down of the exciting sessions planned, and remember, you'll need to move quickly for tickets to next year's event!       AI Community Conference - New York - Friday 21st June Check out the AI Community Conference, which takes place at the Microsoft Corporate building on Friday 21st June at 11 Times Square in New York City. Here, you'll have the opportunity to explore the latest trends and breakthroughs in AI technology alongside fellow enthusiasts and experts, with speakers on the day including Arik Kalininsky, Sherry Xu, Xinran Ma, Jared Matfess, Mihail Mateev, Andrei Khaidarov, Ruven Gotz, Nick Brattoli, Amit Vasu, and more. So, whether you're a seasoned professional or just beginning your journey into AI, click the image below to find out more about this exciting NYC event.       TechCon365 & Power Platform Conference - D.C. - August 12-16th ** EARLY BIRD TICKETS END MAY 31ST! ** Today's the perfect time to grab those early bird tickets for the D.C. TechCon365 & PWRCON Conference at the Walter E Washington Center on August 12-16th! Featuring the likes of Tamara Bredemus, Sunny Eltepu, Lindsay Shelton, Brian Alderman, Daniel Glenn, Julie Turner, Jim Novak, Laura Rogers, Microsoft MVP, John White, Jason Himmelstein, Luc Labelle, Emily Mancini, MVP, UXMC, Fabian Williams, Emma Wiehe, Amarender Peddamalku, and many more, this is the perfect event for those that want to gain invaluable insights from industry experts. Click the image below to grab your tickets today!         Power Platform Community Conference - Sept. 18-20th 2024 Check out some of the sessions already planned for the Power Platform Community Conference in Las Vegas this September. Holding all the aces we have Kristine Kolodziejski, Lisa Crosbie, Daniel Christian, Dian Taylor, Scott Durow🌈, David Yack, Michael O. and Aiden Kaskela, who will be joining the #MicrosoftCommunity for a series of high-stakes sessions! Click the image below to find out more as we go ALL-IN at #PPCC24!       For more events, click the image below to visit the Community Days website.    

Users online (3,715)