@SP3269
Created May 3, 2019 23:19
PowerShell script to convert Google Cloud Platform service account JSON credentials to PFX credentials (for using with New-Jwt from my JWT module)
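#! /usr/bin/pwsh -nop
# Read the service account JSON downloaded from Google Cloud
$j = Get-Content "./Gsuite.json" | ConvertFrom-Json
$priv = $j.private_key
# Fetch the account's public certificates and pick the one matching this key ID
$pub = (Invoke-RestMethod $j.client_x509_cert_url).($j.private_key_id)
$rnd = Get-Random 1000001
# Write both PEM files as ASCII: the Windows PowerShell 5.1 default (UTF-16 LE with BOM) is unreadable to openssl
$priv | Out-File ".\priv$rnd.key" -Encoding ascii
$pub | Out-File ".\pub$rnd.cer" -Encoding ascii
# Bundle certificate and key into a PKCS#12 file; priv$rnd.key stays on disk unencrypted, so delete it afterwards
openssl pkcs12 -export -in "pub$rnd.cer" -inkey "priv$rnd.key" -out "pfx$rnd.p12" -password pass:notasecret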
@noblevarghese

Hi @SP3269. While doing this, I am getting the error below. By any chance, do you know what is wrong?
image

@SP3269
Author

SP3269 commented Jan 11, 2022

Hard to tell without seeing the inner error. An issue with the input data or format, most likely. Searching for ‘openssl unable to load certificate’ yields many StackOverflow.com and SuperUser.com results with possible causes and things to try.

@jgassie

jgassie commented Aug 8, 2023

I get a lot of 1E08010C:DECODER errors, "No supported data to decode. Input type: PEM", any ideas? Thank you.
I think it's not happy with something about the private key extracted from the json for some reason. Originally established in 2018, but the defined key does work fine for me in a google-apps-script module I use with firestore.

@SP3269
Author

SP3269 commented Aug 9, 2023

@jgassie - "Works for me 😉". However:

There's a StackOverflow thread discussing that same error, and the culprit was presence of the \n, making the private_key value not properly formatted PEM.

For me, the ConvertFrom-Json correctly converts \n in the string values to newlines. Maybe your version of PowerShell doesn't? Perhaps you could try

$priv -replace '\\n',"`n" | Out-File ".\priv$rnd.key"

- see if that helps.

@jgassie

jgassie commented Aug 9, 2023

Thanks for the response! If I had just used PS7 it would have been fine. I had to change the encoding on both the CER and the KEY file to remove the LE BOM established from running under PS 5.1 (unlike PS 7) and just left them as UTF-8 encoding, then it processed the openssl command fine. The line feed characters were not an issue it seems. I also found that I made a p12 for the same service account years ago (of course!). Thanks again!
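
An added example, not part of the gist or of any comment above: a PowerShell check for the two PEM problems raised in this thread (a byte-order mark written by `Out-File`, and literal `\n` sequences in `private_key`), plus a writer that produces BOM-free output on both PowerShell 5.1 and 7. `Test-PemFile` and `Write-PemFile` are hypothetical helper names, and the sample key text is a constructed placeholder, not a real key.

```powershell
# Added example. Test-PemFile / Write-PemFile are hypothetical helpers, not part of the gist.
function Test-PemFile {
    param([Parameter(Mandatory)][string]$Path)
    $bytes = [System.IO.File]::ReadAllBytes((Resolve-Path -LiteralPath $Path).ProviderPath)
    $problems = @()
    # FF FE: UTF-16 LE BOM, the Out-File default in Windows PowerShell 5.1
    if ($bytes.Length -ge 2 -and $bytes[0] -eq 0xFF -and $bytes[1] -eq 0xFE) {
        $problems += 'UTF-16 LE BOM (FF FE)'
    }
    # EF BB BF: UTF-8 BOM, written by 5.1 with -Encoding utf8
    elseif ($bytes.Length -ge 3 -and $bytes[0] -eq 0xEF -and $bytes[1] -eq 0xBB -and $bytes[2] -eq 0xBF) {
        $problems += 'UTF-8 BOM (EF BB BF)'
    }
    $text = [System.Text.Encoding]::ASCII.GetString($bytes)
    if ($text -notmatch '^-----BEGIN [A-Z0-9 ]+-----') {
        $problems += 'file does not start with a PEM BEGIN line'
    }
    # Single quotes: the two characters backslash and n, not a newline
    if ($text.Contains('\n')) {
        $problems += 'literal \n sequences instead of newlines'
    }
    return $problems
}

function Write-PemFile {
    param([Parameter(Mandatory)][string]$Path, [Parameter(Mandatory)][string]$Pem)
    # Convert literal "\n" to real newlines; harmless if ConvertFrom-Json already did it
    $normalized = $Pem.Replace('\n', "`n")
    # .NET resolves relative paths against the process directory, so resolve via PowerShell first
    $full = $ExecutionContext.SessionState.Path.GetUnresolvedProviderPathFromPSPath($Path)
    # ASCII encoding never emits a BOM, regardless of PowerShell version
    [System.IO.File]::WriteAllText($full, $normalized, [System.Text.Encoding]::ASCII)
}

# Constructed sample (placeholder body, not a real key), with literal \n as in raw JSON text
$sample = '-----BEGIN PRIVATE KEY-----\nCONSTRUCTED-PLACEHOLDER\n-----END PRIVATE KEY-----\n'
$tmp  = [System.IO.Path]::GetTempPath()
$bad  = Join-Path $tmp 'sample-bad.key'
$good = Join-Path $tmp 'sample-good.key'

$sample | Out-File $bad -Encoding unicode      # reproduces the 5.1 default on any version
Write-PemFile -Path $good -Pem $sample

"bad : $(@(Test-PemFile $bad) -join '; ')"
"good: $(@(Test-PemFile $good) -join '; ')"
Remove-Item $bad, $good
```

Running `Test-PemFile` on the `priv*.key` and `pub*.cer` files before calling `openssl pkcs12` shows whether a decoder error comes from the file encoding rather than from the key itself.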
