Azurerm_automation_certificate - Certificate base64Value is invalid

I am getting the error below when trying to create a azurerm_automation_certificate resource. The certificate I am using is a selfsigned one that I created with powershell cmdlt New-SelfSignedCertificate and it is ok to upload through the Azure portal but not with terraform and it seems to be some issue with the base64 argument. which validates but error is still thrown when applying to Azure. Are there any know issues with this resource or a magic workaround that I have not managed to find?


$password = (New-Guid).Guid
$securePassword = ConvertTo-SecureString -String $password -Force -AsPlainText

$spCert = New-SelfSignedCertificate -certstorelocation “cert:\localmachine\my”
-dnsname “
-NotAfter (Get-Date).AddMonths(12)
-Subject “CN=AzureAutomationCertificate”
-KeySpec KeyExchange

Export-PfxCertificate -cert cert:\localMachine\my$($spCert.Thumbprint)
-FilePath “$PSScriptRoot\MySelfSignedCertificate.pfx”
-Password $securePassword | Out-Null


Terraform v0.12.24

  • provider.azuread v0.11.0
  • provider.azurerm v2.23.0
  • provider.local v1.4.0

resource “azurerm_automation_certificate” “main” {
name = “certificate1”
resource_group_name =
automation_account_name =
description = “This is an example certificate”
base64 = filebase64(“MySelfSignedCertificate.pfx”)

automation.CertificateClient#CreateOrUpdate: Failure responding to request: StatusCode=400 – Original Error: autorest/azure: Service returned an error. Status=400 Code=“BadRequest” Message=“Certificate base64Value is invalid.”

Created issue