Ole Kristian Mørch-Storstein

Ole Kristian Mørch-Storstein

Engineer. Developer. Dad. Robot rights activist and occasional vampire hunter. CTO @ Puzzlepart

📥 Public GPG/PGP key

This post is relevant for users of the new PnP.PowerShell module, built for PowerShell 7.1, especially those of you running PnP PowerShell on a non-windows machine or in WSL.

If you’re using PnP PowerShell though e.g. Azure Automation, you should look into authenticating against your Microsoft 365 tenant using an Azure app. Setting this up manually can be a bit of a hassle, so especially for test and dev sites Im a big fan using Initialize-PnPPowerShellAuthentication (documentation). This cmdlet walks you through setting up a new Azure AD App with a self signed certificate. I will not go throgh how this setup process works as there are other good posts on the topic. However, if you’re doing this in a non-windows environment you will still have to import your certificate into the local certificate store.

The following will let you do this. Copy, add the path to your .pfx file and paste into a terminal

$PathToCertificate = "<path to your pfx file>" # e.g. /home/okms/PnP PowerShell.pfx
$StoreName = [System.Security.Cryptography.X509Certificates.StoreName]::My 
$StoreLocation = [System.Security.Cryptography.X509Certificates.StoreLocation]::CurrentUser 
$Store = [System.Security.Cryptography.X509Certificates.X509Store]::new($StoreName, $StoreLocation) 
$Flag = [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::Exportable 
$Certificate = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($PathToCertificate,"",$Flag) 
$Store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite) 
$Store.Add($Certificate) 
$Store.Close()

Here’s the same lines of script wrapped in a function which can be convenient if you want to add this to your $PROFILE or need it as part of a script.

function() {
  [CmdletBinding()]
  Param(
    [Parameter(Mandatory = $true)]
    [string]$PathToCertificate,
  )
  Write-Verbose ("Adding certificate '{0}' to the local store" -f $PathToCertificate)
  $StoreName = [System.Security.Cryptography.X509Certificates.StoreName]::My 
  $StoreLocation = [System.Security.Cryptography.X509Certificates.StoreLocation]::CurrentUser 
  $Store = [System.Security.Cryptography.X509Certificates.X509Store]::new($StoreName, $StoreLocation) 
  $Flag = [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::Exportable 
  $Certificate = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($PathToCertificate,"",$Flag) 
  $Store.Open([System.Security.Cryptography.X509Certificates.OpenFlags]::ReadWrite) 
  $Store.Add($Certificate) 
  $Store.Close()
  Write-Verbose ("Certificate successfully added")
}

Updated:

You May Also Enjoy

Test SharePoint webhooks using webhook.site

1 minute read

The article describes how to use webhook.site to test SharePoint webhooks. The first step is to get a unique URL for the webhook from webhook.site, which wil...

Missing navigation menu in M365 Groups

2 minute read

Recently I stated getting reports from users who had problems with the navigation menu dissapearing from SharePoint Team sites. Users were redirected to http...