What is the end-to-end process for Azure SPN login using a certificate in a GitHub workflow (not a self-hosted agent)?
I have searched many documents, but nowhere can I find how to log in using a certificate in pipelines/GitHub workflows. Thanks in advance.
# How to log in using an SPN with certificate authentication? Note: Don't provide a password at any point in this process
# Generate an SSL certificate using openssl on your machine
openssl req -newkey rsa:4096 -nodes -keyout "service.key" -out "service.csr"
openssl x509 -signkey "service.key" -in "service.csr" -req -days 1825 -out "service.crt"
# Upload the .crt certificate to the SPN in the Azure environment
# Convert .crt to .pem so we can copy it to GitHub secrets
certutil -encode service.crt service.pem
# Save the .pem and .key as GitHub secrets
# Convert .pem to .crt in the GitHub workflow
certutil -decode service.pem service.crt
# Generate the .pfx from the .crt in the GitHub workflow
certutil -mergepfx service.crt service.pfx
# Log in using the .pfx file in the GitHub workflow
Connect-AzAccount -ServicePrincipal -Tenant $tenantid -ApplicationId $clientid -CertificatePath "service.pfx"
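
The workflow-side steps above as a single PowerShell 7 step for a GitHub-hosted Windows runner. This is an added example, not part of the original post: it builds the PFX with .NET's `X509Certificate2.CreateFromPemFile` in place of `certutil -mergepfx`, and the environment variable names (`SPN_CERT_PEM`, `SPN_KEY_PEM`, `AZURE_TENANT_ID`, `AZURE_CLIENT_ID`) are assumptions, mapped from GitHub secrets in the step's `env:` block.

```powershell
# Added example; run with "shell: pwsh" (CreateFromPemFile needs PowerShell 7 / .NET 5+).
# Assumed env vars (not from the post): SPN_CERT_PEM holds the certutil -encode output,
# SPN_KEY_PEM holds service.key, AZURE_TENANT_ID / AZURE_CLIENT_ID identify the SPN.
$ErrorActionPreference = 'Stop'

# Work in a fresh directory under the runner's temp folder, using absolute paths
# because .NET file APIs do not follow PowerShell's current location.
$work = Join-Path $env:RUNNER_TEMP ("spn-" + [guid]::NewGuid())
New-Item -ItemType Directory -Path $work | Out-Null
$pem = Join-Path $work 'service.pem'
$crt = Join-Path $work 'service.crt'
$key = Join-Path $work 'service.key'
$pfx = Join-Path $work 'service.pfx'

try {
    # Materialize the two secrets as files
    Set-Content -Path $pem -Value $env:SPN_CERT_PEM
    Set-Content -Path $key -Value $env:SPN_KEY_PEM

    # Same decode step as in the post: undo the certutil -encode wrapping
    certutil -decode $pem $crt | Out-Null
    if ($LASTEXITCODE -ne 0) { throw "certutil -decode failed with exit code $LASTEXITCODE" }

    # Pair the certificate with its private key and export a PFX without a password
    $cert = [System.Security.Cryptography.X509Certificates.X509Certificate2]::CreateFromPemFile($crt, $key)
    if (-not $cert.HasPrivateKey) { throw 'Certificate was loaded without its private key' }
    $bytes = $cert.Export([System.Security.Cryptography.X509Certificates.X509ContentType]::Pfx)
    [System.IO.File]::WriteAllBytes($pfx, $bytes)

    Connect-AzAccount -ServicePrincipal -Tenant $env:AZURE_TENANT_ID `
        -ApplicationId $env:AZURE_CLIENT_ID -CertificatePath $pfx | Out-Null
}
finally {
    # Remove the intermediate key material whether or not login succeeded.
    # service.pfx is left in place for later Az commands; delete it after the last one.
    Remove-Item -Path $pem, $crt, $key -Force -ErrorAction SilentlyContinue
}
```

The passwordless PFX contains the private key in the clear, so keep it under `$env:RUNNER_TEMP` and never upload that directory as a build artifact.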