Hi,
I am trying to authenticate using a certificate. I was following the documentation below.
https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/guides/service_principal_client_secret
I am using the agents provided by Terraform Cloud to run the deployments by setting the execution mode in the workspace to “Remote”.
Hence I do not have any access to the machine where the agents are running. I can neither set the environment variables nor install the certificates on the agents.
I tried using the code below to use the certificate.
```hcl
provider "azurerm" {
  features {}

  client_id       = "xxxx-xxxx-xxxx-xxxx-123456789"
  tenant_id       = "xxxx-xxx-xxx-xxx-xxxxx"
  subscription_id = "xxxxxx-xxxxx-xxxx-xxxxx-xxxxx"

  # Backslashes must be escaped inside a quoted HCL string.
  client_certificate_path     = "C:\\MyPath\\MyFolder\\TF\\mypfx.pfx"
  client_certificate_password = "87654"
}
```
But the terraform plan failed with the error below. Can someone please help me in fixing this error?
I made sure that the certificate is available in the app registration, and the thumbprint of the certificate in the Azure app registration matches the one located in “C:\MyPath\MyFolder\TF\mypfx.pfx”.
Error: building account: could not acquire access token to parse claims: clientCredentialsToken: received HTTP status 401 with response: {"error":"invalid_client","error_description":"AADSTS700027: The certificate with identifier used to sign the client assertion is not registered on application. [Reason - The key was not found., Please visit the Azure Portal, Graph Explorer or directly use MS Graph to see configured keys for app Id 'xxxx-xxxx-xxxx-xxxx-123456789'.
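The thumbprint comparison the post describes can be done mechanically. The following is an added example, not code from the original post or from the provider: it derives the hex thumbprint from a PEM certificate, converts it to the base64url `x5t` value carried in a client assertion's JWT header, and checks that value against the thumbprints registered on the application. It assumes a JWT-format client assertion with an `x5t` header; the sample PEM body and the sample assertion are constructed placeholders, not a real certificate or token.

```python
import base64
import hashlib
import json

def _b64url_decode(s: str) -> bytes:
    # JWT segments drop the '=' padding; restore it before decoding.
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def _normalize(hex_tp: str) -> str:
    # Thumbprints are shown with or without separators, in either case.
    return hex_tp.replace(":", "").replace(" ", "").upper()

def pem_thumbprint(pem: str) -> str:
    """Uppercase hex SHA-1 over the DER bytes of the certificate."""
    body = "".join(l.strip() for l in pem.splitlines()
                   if l.strip() and not l.startswith("-----"))
    return hashlib.sha1(base64.b64decode(body)).hexdigest().upper()

def thumbprint_to_x5t(hex_tp: str) -> str:
    """Hex thumbprint -> unpadded base64url, the form used in the x5t header."""
    raw = bytes.fromhex(_normalize(hex_tp))
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def assertion_x5t_hex(jwt: str) -> str:
    """Read the x5t header of a client assertion and return it as hex."""
    header = json.loads(_b64url_decode(jwt.split(".")[0]))
    return _b64url_decode(header["x5t"]).hex().upper()

def signing_cert_is_registered(jwt: str, registered_thumbprints) -> bool:
    """True when the certificate named in the assertion is in the registered set."""
    return assertion_x5t_hex(jwt) in {_normalize(t) for t in registered_thumbprints}

# Constructed stand-in for DER certificate bytes (not a real certificate).
SAMPLE_DER = b"constructed stand-in for DER certificate bytes"
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n"
              + base64.b64encode(SAMPLE_DER).decode()
              + "\n-----END CERTIFICATE-----\n")

def sample_assertion(hex_tp: str) -> str:
    """Constructed unsigned JWT whose header names the given thumbprint."""
    header = {"alg": "RS256", "typ": "JWT", "x5t": thumbprint_to_x5t(hex_tp)}
    seg = base64.urlsafe_b64encode(json.dumps(header).encode()).rstrip(b"=").decode()
    return seg + ".e30.constructed-signature"

if __name__ == "__main__":
    tp = pem_thumbprint(SAMPLE_PEM)
    print("local thumbprint:", tp, "x5t:", thumbprint_to_x5t(tp))
    print("registered:", signing_cert_is_registered(sample_assertion(tp), [tp]))
```
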