Error importing pfx certificate - Cannot read property 'tbsCertificate' of null

Question

I have a PFX file that presents me with the following error when trying to add it to a freshly created Batch account:

Cannot read property 'tbsCertificate' of null

The same certificate (exact same file) has previously been imported into an older Batch account, at least a year ago. The same certificate (exact same file) can also be imported into KeyVault fine through the portal.

I have tried importing the certificate locally, and then exporting it in the 2 different formats that Windows will let me export as (as described here): TripleDES-SHA1 and AES256-SHA256 but they provide the same error message

Azure Batch Explorer also presents the same error when trying to add the certificate that way

Answer 1

Hi @WinstonHoward-MSFT,

Certificate is running fine in App Services (in production right now) and has been for a while. Haven't tested being able to use it from KeyVault though. It's even running fine in another Azure Batch account which was set up at least a couple of years ago. The only reason we're looking at importing it again is because we need to create a new Batch account for some "specialist" VMs.

Regards,
Matthew

Answer 2

Hi Winston,

Thanks for the reply. Unfortunately the cert was provided to us as a client certificate that we need to use to access a third party so we can't re-generate it. What you've said makes sense by itself, but doesn't explain why both App Services and KeyVault are happy to import and use this certificate? It's the exact same pfx file.

Regards,
Matthew