Tags: azure, openssl, x509certificate2

Convert Azure-generated certificate to PFX using openssl


I've created an Automation account with a RunAs account from the Azure Portal. A certificate was automatically generated. I want to create a PFX file from this certificate using the openssl utility.

I can do it using PowerShell Core 7.1.0-rc.2 with these steps and code:

  1. Azure Portal > Azure Active Directory > App registrations > Automation account's service principal
  2. Select Manifest from the left-side menu, scroll down in the JSON to the "keyCredentials" section
  3. Copy the entire string for the "value" property to a variable in PowerShell:
    $base64value = "<contents of the value property here>"
  4. PowerShell code to create a PFX file:
    # Create an X509 certificate object from the decoded bytes
    $byteArray = [System.Convert]::FromBase64String($base64value)
    $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($byteArray)

    # Export the certificate as a PFX file
    $bytesPfx = $cert.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Pfx)
    [System.IO.File]::WriteAllBytes('filename.pfx', $bytesPfx)

What I'm trying to figure out is how to do that same process using the openssl utility, given that base64 string value from the JSON manifest of the Automation account. Since I am able to convert that base64 string to a byte array and then into an X509 certificate using the .NET class's constructor, I would imagine I'd need to use openssl x509, but I can't find any option that takes a base64 string or a binary argument or file.


Solution

OK, thanks @bartonjs for the tip. I ended up doing this from a Linux shell:

    echo "<huge base64-encoded string from value property>" > base64.data.txt
    base64 --decode base64.data.txt > test01.pfx

    Then I tested calling the .NET constructor for the X509Certificate2 class with that PFX file, and it created the certificate object successfully.
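The decode step from the answer, carried a little further as an added example (not the asker's code): a POSIX shell function that strips whitespace from the pasted "value" string, decodes it, lets openssl decide whether the bytes are a bare DER certificate or an existing PKCS#12 bundle, and writes a PFX either way. The function names, the empty export password, and the two-branch detection are assumptions; the openssl and base64 invocations are standard.

```shell
#!/bin/sh
# to_pfx B64FILE OUT.pfx
#   B64FILE: text file holding the base64 string copied from the manifest "value"
#   OUT.pfx: PKCS#12 output (certificate only, if the input was a bare DER cert)
# Assumption: the decoded bytes are either a DER X.509 certificate or a PKCS#12.
to_pfx() {
    b64="$1"; out="$2"
    der="$(mktemp)"
    # Drop whitespace so a string pasted with line wraps still decodes cleanly.
    tr -d ' \n\r\t' < "$b64" | base64 -d > "$der" || { rm -f "$der"; return 1; }

    if openssl x509 -inform DER -in "$der" -noout >/dev/null 2>&1; then
        # Bare DER certificate: convert to PEM and wrap it in a PKCS#12 with no key.
        openssl x509 -inform DER -in "$der" -out "$der.pem" \
        && openssl pkcs12 -export -nokeys -in "$der.pem" -out "$out" -passout pass:
        rc=$?
        rm -f "$der.pem"
    elif openssl pkcs12 -in "$der" -info -noout -passin pass: >/dev/null 2>&1; then
        # Already a PKCS#12 (the answer's case): the decoded bytes are the PFX.
        cp "$der" "$out"; rc=$?
    else
        echo "decoded data is neither a DER certificate nor a PKCS#12 bundle" >&2
        rc=1
    fi
    rm -f "$der"
    return $rc
}

# pfx_fingerprint OUT.pfx -> SHA-256 fingerprint of the certificate inside the PFX,
# handy for confirming the result matches the thumbprint shown in the portal.
pfx_fingerprint() {
    openssl pkcs12 -in "$1" -nokeys -passin pass: 2>/dev/null \
      | openssl x509 -noout -fingerprint -sha256
}
```

Run `to_pfx base64.data.txt test01.pfx && pfx_fingerprint test01.pfx` after saving the manifest value to base64.data.txt.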