Azure-docs: Key Thumbprint discrepancy between portal and New-AzureADApplicationKeyCredential
Hi,
I have noticed that according to the way keys were associated to applications, their thumbprint shown in the App Registrations > The Application > Settings > keys page end up different...
It's only when the public key is uploaded through the portal that its thumbprint is the same as when accessing the certificate in the Microsoft Management Console.
Using New-AzureADApplicationKeyCredential displays a much longer thumbprint.
Any insight about how it's calculated would be appreciated as it would ease spotting them in case we want to revoke one.
Right now I fall back on computing its CustomKeyIdentifier and removing it manually from the Application Manifest.
Thanks and kind regards.
Is there a good reason for it ?
Document Details
⚠Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.
- ID: b28c3b2e-d661-682d-df1b-68d941016e87
- Version Independent ID: b2ebf2b0-f9d3-2583-4e64-54fa083b5a57
- Content: Integrating Applications with Azure Active Directory
- Content Source: articles/active-directory/develop/active-directory-integrating-applications.md
- Service: active-directory
- GitHub Login: @CelesteDG
- Microsoft Alias: celested
chaami
All 6 comments
Thanks for the feedback! We are looking into this and will get back to you shortly.
MarileeTurscak-MSFT
on 27 Jul 2018
Its a known issue and is the process of being fixed.
Certificates created through PowerShell are created using a different encoding than the certificates created through the Ibiza Portal, and a bug in UI does not handle these two different encoding correctly.
kalyankrishna1
on 18 Aug 2018
@kalyankrishna1 Thanks Kalyan for the update.
@chaami We will now proceed to close this thread. If there are further questions regarding this matter, please reopen it and we will gladly continue the discussion.
SaurabhSharma-MSFT
on 20 Aug 2018
Hi, @SaurabhSharma-MSFT , @kalyankrishna1 .
Thanks a lot for the precious information.
Can we keep this issue open until the problem is fixed or link to another issue tracking the progress ?
Also, it seems that I can't reopen this but only comment 😉
Kind regards,
Amine
chaami
on 22 Aug 2018
Hello, I know this is sort of an old post, but is it still a known issue when using the New-AzureADApplicationKeyCredential command that the customKeyIdentifier is incorrect in the portal but looks right when creating it in PowerShell?
dawsonar802
on 28 Mar 2020
Hi @SaurabhSharma-MSFT
this is still an issue. when using the New-AzureADApplicationKeyCredential as described in
https://docs.microsoft.com/en-us/powershell/module/azuread/new-azureadapplicationkeycredential?view=azureadps-2.0#example-2--use-a-certificate-to-add-an-application-key-credential
=> the thumbprint in the portal shows as "Thumbprint not available". the credentials does work.
Chielus
on 27 Aug 2020
Related issues
jebeld17
·
3Comments
spottedmahn
·
3Comments
monteledwards
·
3Comments
behnam89
·
3Comments
jharbieh
·
3Comments
Most helpful comment
Hi @SaurabhSharma-MSFT
this is still an issue. when using the New-AzureADApplicationKeyCredential as described in
https://docs.microsoft.com/en-us/powershell/module/azuread/new-azureadapplicationkeycredential?view=azureadps-2.0#example-2--use-a-certificate-to-add-an-application-key-credential
=> the thumbprint in the portal shows as "Thumbprint not available". the credentials does work.