Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

the PowerShell script is not working #1229

Answered by waldekmastykarz
coxantohi asked this question in Q&A
Discussion options

Type of issue

Code doesn't work

Feedback

the certificate generated with the PowerShell script from the documentation is invalid.

what would work is having:
$arguments = 'pkcs12 -in "{0}\rootCert.pfx" -clcerts -nokeys -out "{0}\rootCert.crt"' -f $proxyPath
instead of
$arguments = 'pkcs12 -in "{0}\rootCert.pfx" -out "{0}\rootCert.crt" -nodes' -f $proxyPath
and deleting everything after
Start-Process -FilePath $executable -ArgumentList $arguments -NoNewWindow -Wait

the certificate generated with the PowerShell script in the documentation looks like:

-----BEGIN CERTIFICATE-----
MIIC2DCCAcCgAwIBAgIILyN5dU7l9fEwDQYJKoZIhvcNAQELBQAwFzEVMBMGA1UE
AwwMRGV2IFByb3h5IENBMB4XDTIzMDIxNjIyMDgwMVoXDTI2MDUyMjIyMDgwMVow
FzEVMBMGA1UEAwwMRGV2IFByb3h5IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAgiz1kA2nJ4ovX/RPyH0Z3c9/FFgpGF/i7O9iQ81CsNb71ruGI9eA
HDGeHeYe80DiRfZ/Xe6WS0ZOQXMU3CFDhiSbf0J8VX9Hq4Ua6Rj+9K1tRUjxnWvf
pSwj4aOi8Bd3J3hshN2dd6RrVQYvONhKJrrbXhSL+Np8jn6KjDAauewbyHFBZhGn
3cy9EDzBcBXWbf60gdrFrdkp3oQeWs/WKLtF4C1LirtbxEtQHdIuwGa+gbVE6jF3
P6GDPXwiSM7sDlLbyninLa1Mm7tfvrRcSK7yUruntm9JbAvvYrfCT31dRQ+0yMAM
wsy2oIhANlRdjmJuwovjn7wwehWqJ4cdLwIDAQABoygwJjATBgNVHSUEDDAKBggr
BgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBG43lG
j0ApIT4wWEl4GkucDeiWMaddyVclY5Jd7yJhzN3PLjAstHoKjiXGQeTTDz5WeA9X
uLofXuX/5L9Q+ajX9s4uuvDVFUMW7qqhLKrDg8DeAwNQJQxodTYXPP+KhnzNPKiO
i3/cXHMuxa0Pfekmq+v4221mjKoxCezhp9BnNX8Q0AhUQS7HwpYCT22MouzVMFnx
kIrYl+3Mqi86uj3JL4JTtFV5ioqMaQA7PkJLFU/hVXlO066WyzzDvdJCwwHi0Mac
aXpDbo6oPBGC5ZDsvuueVOQ6LtKEocOiuw6DiZ55frbds6ZZefiRU8KO6L7RIwCB
7Dk716Bkwka9Yx17
-----END CERTIFICATE-----

while the certificate generated with the proposed change looks like:

Bag Attributes
 localKeyID: 01 00 00 00 
 friendlyName: Dev Proxy CA
subject=CN = Dev Proxy CA
issuer=CN = Dev Proxy CA
-----BEGIN CERTIFICATE-----
MIIC2DCCAcCgAwIBAgIILyN5dU7l9fEwDQYJKoZIhvcNAQELBQAwFzEVMBMGA1UE
AwwMRGV2IFByb3h5IENBMB4XDTIzMDIxNjIyMDgwMVoXDTI2MDUyMjIyMDgwMVow
FzEVMBMGA1UEAwwMRGV2IFByb3h5IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
MIIBCgKCAQEAgiz1kA2nJ4ovX/RPyH0Z3c9/FFgpGF/i7O9iQ81CsNb71ruGI9eA
HDGeHeYe80DiRfZ/Xe6WS0ZOQXMU3CFDhiSbf0J8VX9Hq4Ua6Rj+9K1tRUjxnWvf
pSwj4aOi8Bd3J3hshN2dd6RrVQYvONhKJrrbXhSL+Np8jn6KjDAauewbyHFBZhGn
3cy9EDzBcBXWbf60gdrFrdkp3oQeWs/WKLtF4C1LirtbxEtQHdIuwGa+gbVE6jF3
P6GDPXwiSM7sDlLbyninLa1Mm7tfvrRcSK7yUruntm9JbAvvYrfCT31dRQ+0yMAM
wsy2oIhANlRdjmJuwovjn7wwehWqJ4cdLwIDAQABoygwJjATBgNVHSUEDDAKBggr
BgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBG43lG
j0ApIT4wWEl4GkucDeiWMaddyVclY5Jd7yJhzN3PLjAstHoKjiXGQeTTDz5WeA9X
uLofXuX/5L9Q+ajX9s4uuvDVFUMW7qqhLKrDg8DeAwNQJQxodTYXPP+KhnzNPKiO
i3/cXHMuxa0Pfekmq+v4221mjKoxCezhp9BnNX8Q0AhUQS7HwpYCT22MouzVMFnx
kIrYl+3Mqi86uj3JL4JTtFV5ioqMaQA7PkJLFU/hVXlO066WyzzDvdJCwwHi0Mac
aXpDbo6oPBGC5ZDsvuueVOQ6LtKEocOiuw6DiZ55frbds6ZZefiRU8KO6L7RIwCB
7Dk716Bkwka9Yx17
-----END CERTIFICATE-----

running openssl having $arguments = 'x509 -text -inform PEM -in "{0}\rootCert.crt"' -f $proxyPath would work for the certificate generated with the proposed change, while for the certificate generated with the PowerShell script in the documentation it would fail with:
Could not read certificate from and 100000000A000000:error:1E08010C:DECODER routines:OSSL_DECODER_from_bio:unsupported:crypto/encode_decode/decoder_lib.c:102:No supported data to decode. Input type: PEM, Input structure: Certificate

related to this, it should be mentioned in the documentation that when being prompted for the password with Enter Import Password: Enter should be hit as the password is empty.

Page URL

https://learn.microsoft.com/en-us/microsoft-cloud/dev/dev-proxy/how-to/use-dev-proxy-with-dotnet-docker

Content source URL

https://github.com/MicrosoftDocs/microsoft-cloud/blob/main/docs/dev/dev-proxy/how-to/use-dev-proxy-with-dotnet-docker.md

Author

@waldekmastykarz

Document Id

7a428e61-5196-25bd-b386-99040213d6fd
You must be logged in to vote

If I follow the steps that we have in the documentation right now, I'm getting the following output when importing the certificate in the container:

root@61bd7d3a7b86:/usr/app/src# cp rootCert.crt /usr/local/share/ca-certificates/
root@61bd7d3a7b86:/usr/app/src# update-ca-certificates
Updating certificates in /etc/ssl/certs...
rehash: warning: skipping ca-certificates.crt,it does not contain exactly one certificate or CRL
1 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.

It seems that it's working just fine. Could you please share the exact steps that you're following to help us understand what's wrong?

Replies: 2 comments

Comment options

If I follow the steps that we have in the documentation right now, I'm getting the following output when importing the certificate in the container:

root@61bd7d3a7b86:/usr/app/src# cp rootCert.crt /usr/local/share/ca-certificates/
root@61bd7d3a7b86:/usr/app/src# update-ca-certificates
Updating certificates in /etc/ssl/certs...
rehash: warning: skipping ca-certificates.crt,it does not contain exactly one certificate or CRL
1 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.

It seems that it's working just fine. Could you please share the exact steps that you're following to help us understand what's wrong?
You must be logged in to vote
0 replies
Answer selected by waldekmastykarz
Comment options

Closing due to lack of response
You must be logged in to vote
0 replies
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
None yet
Converted from issue

This discussion was converted from issue #567 on June 04, 2025 10:03.

AltStyle によって変換されたページ (->オリジナル) /