Get-AzCodeSigningRootCert

Retrieve Azure.CodeSigning Root Cert

Syntax

Get-AzCodeSigningRootCert
   [-AccountName] <String>
   [-ProfileName] <String>
   -EndpointUrl <String>
   -MetadataFilePath <String>

Description

The Get-AzCodeSigningRootCert cmdlet retrieves Azure CodeSigning Root Cert. Use this cmdlet to retrieve Azure CodeSigning Root Cert. There are two sets of parameters. One set uses AccountName, ProfileName, and EndpointUrl. Another set uses MetadataFilePath. Destination is the downloaded root cert file path, which incldues the file name and extension .cer.

Examples

Example 1: Retrieve a root cert by account and profile name

Get-AzCodeSigningRootCert -AccountName 'contoso' -ProfileName 'contososigning' -EndpointUrl 'https://wus.codesigning.azure.net' -Destination 'c:\acs\rootcert.cer'

Thumbprint                               Subject
----------                               -------
3A7B1F8C2E9D5A0B4F6E2C1D9F4B8A3E         CN=Microsoft Identity Verification Root Certificate Authority 2020, O=Microsoft

This command retrieves a root certificate that is currently in use for signing by the account and profile.

Example 2: Retrieve a root cert using the metadata file path configuration

Get-AzCodeSigningRootCert -MetadataFilePath 'c:\cisigning\metadata_input.json' -Destination 'c:\acs\rootcert.cer'

Thumbprint                               Subject
----------                               -------
3A7B1F8C2E9D5A0B4F6E2C1D9F4B8A3E         CN=Microsoft Identity Verification Root Certificate Authority 2020, O=Microsoft

This command retrieves a root certificate that is currently in use for signing by the metadata configuration.

Parameters

-AccountName

Specifies Azure CodeSigning AccountName used to sign CI policy.

Type:String
Position:1
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-Destination

Specifies the downloaed root cert file path.

Type:String
Position:5
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-EndpointUrl

Specifies Azure CodeSigning Endpoint used to sign CI policy. It's an Url, format is https://xxx.codesigning.azure.net

Type:String
Position:3
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-MetadataFilePath

Specifies Azure CodeSigning Metadata file path used to sign CI policy. It's a file path, and the metadata content is below. File content example: { "Endpoint": "https://xxx.codesigning.azure.net/", "CodeSigningAccountName": "acstest", "CertificateProfileName": "acstestCert1" }

Type:String
Position:1
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-ProfileName

Specifies Azure CodeSigning ProfileName used to sign CI policy.

Type:String
Position:2
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

Inputs

Azure CodeSigning AccountName

Azure CodeSigning Profile Name

Azure CodeSigning Signing EndpointUrl

Azure CodeSigning UnSigned CI Policy File Path

Azure CodeSigning Signed CI Policy File Path Destination

String

Outputs

Signed CI Policy file