We get errors on our build pipeline about Azure certificate not working. We need a build for Talespin App that is failing currently.

David Hew [EXT] 0 Reputation points
2023-02-10T00:15:26.62+00:00
W:\talespin-airframe\3.0\streaming\builds>AzureSignTool sign --azure-key-vault-tenant-id **** --azure-key-vault-url **** --azure-key-vault-client-id **** --azure-key-vault-client-secret **** --azure-key-vault-certificate Engineering --timestamp-rfc3161 http://timestamp.digicert.com --verbose "Streaming.exe" 
trce: AzureSignTool.SignCommand[0]
      Retrieving certificate Engineering.
fail: AzureSignTool.SignCommand[0]
      Failed to retrieve certificate Engineering from Azure Key Vault. Please verify the name of the certificate and the permissions to the certificate. Error message: ClientSecretCredential authentication failed: A configuration issue is preventing authentication - check the error message from the server for details. You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details.  Original exception: AADSTS7000222: The provided client secret keys for app **** are expired. Visit the Azure portal to create new keys for your app: https://aka.ms/NewClientSecret, or consider using certificate credentials for added security: https://aka.ms/certCreds.
      Trace ID: 123199a0-bd24-40c3-add4-35f331e99601
      Correlation ID: abced7da-f9a8-4f13-ae08-fabead88ac58
      Timestamp: 2023-02-09 15:26:06Z.
trce: AzureSignTool.SignCommand[0]
      Azure.Identity.AuthenticationFailedException: ClientSecretCredential authentication failed: A configuration issue is preventing authentication - check the error message from the server for details. You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details.  Original exception: AADSTS7000222: The provided client secret keys for app **** are expired. Visit the Azure portal to create new keys for your app: https://aka.ms/NewClientSecret, or consider using certificate credentials for added security: https://aka.ms/certCreds.
      Trace ID: 123199a0-bd24-40c3-add4-35f331e99601
      Correlation ID: abced7da-f9a8-4f13-ae08-fabead88ac58
      Timestamp: 2023-02-09 15:26:06Z
       ---> MSAL.NetCore.4.30.1.0.MsalServiceException: 
    ErrorCode: invalid_client
Microsoft.Identity.Client.MsalServiceException: A configuration issue is preventing authentication - check the error message from the server for details. You can modify the configuration in the application registration portal. See https://aka.ms/msal-net-invalid-client for details.  Original exception: AADSTS7000222: The provided client secret keys for app **** are expired. Visit the Azure portal to create new keys for your app: https://aka.ms/NewClientSecret, or consider using certificate credentials for added security: https://aka.ms/certCreds.
      Trace ID: 123199a0-bd24-40c3-add4-35f331e99601
      Correlation ID: abced7da-f9a8-4f13-ae08-fabead88ac58
      Timestamp: 2023-02-09 15:26:06Z
         at Microsoft.Identity.Client.Internal.Requests.RequestBase.HandleTokenRefreshError(MsalServiceException e, MsalAccessTokenCacheItem cachedAccessTokenItem)
         at Microsoft.Identity.Client.Internal.Requests.ClientCredentialRequest.ExecuteAsync(CancellationToken cancellationToken)
         at Microsoft.Identity.Client.Internal.Requests.RequestBase.RunAsync(CancellationToken cancellationToken)
         at Microsoft.Identity.Client.ApiConfig.Executors.ConfidentialClientExecutor.ExecuteAsync(AcquireTokenCommonParameters commonParameters, AcquireTokenForClientParameters clientParameters, CancellationToken cancellationToken)
         at Azure.Identity.AbstractAcquireTokenParameterBuilderExtensions.ExecuteAsync[T](AbstractAcquireTokenParameterBuilder`1 builder, Boolean async, CancellationToken cancellationToken)
         at Azure.Identity.MsalConfidentialClient.AcquireTokenForClientAsync(String[] scopes, Boolean async, CancellationToken cancellationToken)
         at Azure.Identity.ClientSecretCredential.GetTokenAsync(TokenRequestContext requestContext, CancellationToken cancellationToken)
    StatusCode: 401 
    ResponseBody: {"error":"invalid_client","error_description":"AADSTS7000222: The provided client secret keys for app **** are expired. Visit the Azure portal to create new keys for your app: https://aka.ms/NewClientSecret, or consider using certificate credentials for added security: https://aka.ms/certCreds.\r\nTrace ID: 123199a0-bd24-40c3-add4-35f331e99601\r\nCorrelation ID: abced7da-f9a8-4f13-ae08-fabead88ac58\r\nTimestamp: 2023-02-09 15:26:06Z","error_codes":[7000222],"timestamp":"2023-02-09 15:26:06Z","trace_id":"123199a0-bd24-40c3-add4-35f331e99601","correlation_id":"abced7da-f9a8-4f13-ae08-fabead88ac58","error_uri":"https://login.microsoftonline.com/error?code=7000222"} 
    Headers: Cache-Control: no-store, no-cache
      Pragma: no-cache
      Strict-Transport-Security: max-age=31536000; includeSubDomains
      X-Content-Type-Options: nosniff
      P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
      client-request-id: abced7da-f9a8-4f13-ae08-fabead88ac58
      x-ms-request-id: 123199a0-bd24-40c3-add4-35f331e99601
      x-ms-ests-server: 2.1.14526.6 - EUS ProdSlices
      x-ms-clitelem: 1,7000222,0,,
      X-XSS-Protection: 0
      Set-Cookie: fpc=Ag1PvVq10X9NsAz6mKDHvFaaULwvAQAAAI4Hd9sOAAAA; expires=Sat, 11-Mar-2023 15:26:06 GMT; path=/; secure; HttpOnly; SameSite=None, x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
      Date: Thu, 09 Feb 2023 15:26:06 GMT
      
         --- End of inner exception stack trace ---
         at Azure.Identity.CredentialDiagnosticScope.FailWrapAndThrow(Exception ex)
         at Azure.Identity.ClientSecretCredential.GetTokenAsync(TokenRequestContext requestContext, CancellationToken cancellationToken)
         at Azure.Core.Pipeline.BearerTokenAuthenticationPolicy.AccessTokenCache.GetHeaderValueFromCredentialAsync(TokenRequestContext context, Boolean async, CancellationToken cancellationToken)
         at Azure.Core.Pipeline.BearerTokenAuthenticationPolicy.AccessTokenCache.GetHeaderValueAsync(HttpMessage message, TokenRequestContext context, Boolean async)
         at Azure.Core.Pipeline.BearerTokenAuthenticationPolicy.AccessTokenCache.GetHeaderValueAsync(HttpMessage message, TokenRequestContext context, Boolean async)
         at Azure.Core.Pipeline.BearerTokenAuthenticationPolicy.AuthenticateAndAuthorizeRequestAsync(HttpMessage message, TokenRequestContext context)
         at Azure.Security.KeyVault.ChallengeBasedAuthenticationPolicy.AuthorizeRequestOnChallengeAsyncInternal(HttpMessage message, Boolean async)
         at Azure.Core.Pipeline.BearerTokenAuthenticationPolicy.ProcessAsync(HttpMessage message, ReadOnlyMemory`1 pipeline, Boolean async)
         at Azure.Core.Pipeline.RedirectPolicy.ProcessAsync(HttpMessage message, ReadOnlyMemory`1 pipeline, Boolean async)
         at Azure.Core.Pipeline.RetryPolicy.ProcessAsync(HttpMessage message, ReadOnlyMemory`1 pipeline, Boolean async)
         at Azure.Core.Pipeline.RetryPolicy.ProcessAsync(HttpMessage message, ReadOnlyMemory`1 pipeline, Boolean async)
         at Azure.Core.Pipeline.HttpPipeline.SendRequestAsync(Request request, CancellationToken cancellationToken)
         at Azure.Security.KeyVault.KeyVaultPipeline.SendRequestAsync(Request request, CancellationToken cancellationToken)
         at Azure.Security.KeyVault.KeyVaultPipeline.SendRequestAsync[TResult](RequestMethod method, Func`1 resultFactory, CancellationToken cancellationToken, String[] path)
         at Azure.Security.KeyVault.Certificates.CertificateClient.GetCertificateAsync(String certificateName, CancellationToken cancellationToken)
         at AzureSignTool.KeyVaultConfigurationDiscoverer.Materialize(AzureKeyVaultSignConfigurationSet configuration) in /_/src/AzureSignTool/KeyVaultConfigurationDiscoverer.cs:line 45
fail: AzureSignTool.SignCommand[0]
      Failed to get configuration from Azure Key Vault.
script returned exit code -2147024809

1 answer

  1. JamesTran-MSFT 36,911 Reputation points Microsoft Employee Moderator
    2023-02-14T23:47:06.57+00:00

    @David Hew [EXT]

    Thank you for your post and I apologize for the delayed response!

    By looking into the Correlation ID and timestamp from your error message, I found that the Client Secret provided by your application is expired; due to this, you're running into the AADSTS7000222 error. For more info.

    AADSTS7000222: The provided client secret keys for app **** are expired. Visit the Azure portal to create new keys for your app: https://aka.ms/NewClientSecret, or consider using certificate credentials for added security: https://aka.ms/certCreds.

    To resolve the error, you need to sign in to Azure Portal using Global Administrator or Application Administrator account and navigate to:

    Azure Active Directory > Application Registrations > Search for ClusterServicePrincipal-todo-0002 > Under Manage section, click on Certificates & Secrets > Under client secrets, click on + New client secret as highlighted below:

    For more info - Add a client secret

    If you have specified the old secret in any of your application(s), you need to update your application code with the new code.

    If you have any other questions, please let me know!


    Additional Link - Handling error codes in your application
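
A pre-flight check a build pipeline could run before calling AzureSignTool, so an expired or soon-to-expire client secret is reported before signing fails with AADSTS7000222. This is an added example, not part of the original question or answer; the JSON is a constructed sample in the shape that `az ad app credential list --id <app-id>` returns (trimmed to the fields used), and the function names, display names and `keyId` values are hypothetical.

```python
import json
import sys
from datetime import datetime, timedelta, timezone

# Constructed sample: entries shaped like Microsoft Graph passwordCredentials.
SAMPLE_CREDENTIALS = """
[
  {"displayName": "build-signing-old",
   "keyId": "00000000-0000-0000-0000-000000000001",
   "endDateTime": "2023-02-08T15:00:00Z"},
  {"displayName": "build-signing-short",
   "keyId": "00000000-0000-0000-0000-000000000002",
   "endDateTime": "2023-03-01T00:00:00Z"},
  {"displayName": "build-signing-long",
   "keyId": "00000000-0000-0000-0000-000000000003",
   "endDateTime": "2024-02-10T00:00:00.1234567Z"}
]
"""

def parse_graph_time(value):
    """Parse an ISO 8601 timestamp, assumed to be UTC as Graph returns it.

    Only the first 19 characters are used, which drops fractional seconds
    and a trailing "Z" or "+00:00".
    """
    return datetime.strptime(value[:19], "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)

def secret_status(credentials, key_id, now, warn_days=30):
    """Status of the one secret the pipeline uses, identified by its keyId."""
    for cred in credentials:
        if cred["keyId"] == key_id:
            end = parse_graph_time(cred["endDateTime"])
            if end <= now:
                return "EXPIRED"
            if end - now <= timedelta(days=warn_days):
                return "EXPIRING"
            return "OK"
    return "MISSING"  # the secret was deleted from the app registration

if __name__ == "__main__":
    # Evaluated at the failure time shown in the log above (2023-02-09 15:26:06Z).
    now = datetime(2023, 2, 9, 15, 26, 6, tzinfo=timezone.utc)
    creds = json.loads(SAMPLE_CREDENTIALS)
    pipeline_key_id = "00000000-0000-0000-0000-000000000001"  # hypothetical
    status = secret_status(creds, pipeline_key_id, now)
    print(f"client secret {pipeline_key_id}: {status}")
    # Fail the step when signing cannot succeed; EXPIRING only warns.
    sys.exit(1 if status in ("EXPIRED", "MISSING") else 0)
```

The check looks up one `keyId` rather than any valid secret, because an app registration can hold several secrets while the pipeline stores only one of them.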

