2

I am trying to use Postman Chrome app to make REST calls against Microsoft Azure Service Management API. However, I get the following error 

<Message>The server failed to authenticate the request. Verify that the  certificate is valid and is associated with this subscription.</Message>

Here is what I did.

I created a self signed certificate. I uploaded that certificate to Azure Certificate store in the management portal and added the same to the trusted root certification authorities in my windows certificate store. However, I can't still make a valid API call. Can someone guide me down the right path here.

csprabala
  • 177
  • 12

2 Answers2

4

Finally I solved it myself. Here are the steps

1) Create a certificate using the following command in your Visual Studio Command Prompt

makecert -sky exchange -r -n "CN=<certname>" -pe -a sha1 -len 2048 -ss My   <certname>.cer"

2) Upload the cer file in the settings portion of the azure management portal

3) Export a pfx file containing the private key to a location on your machine.

4) Add that pfx file to Chrome in settings certificates in trusted root certificates list

5) Make the REST call using Postman.

csprabala
  • 177
  • 12
  • Thanks for figuring this out. Some remarks: * The `makecert` command [is deprecated](https://blogs.technet.microsoft.com/askds/2012/08/14/rsa-key-blocking-is-here/), but works. * It would be nice if you explain the arguments a little bit. * The `-ss` argument (Save encoded certificate to store) is not needed with `makecert` as it will be done in the `*.pfx` import step (deleted it). – Dominik May 05 '17 at 17:23
  • My [edit of your answer](https://stackoverflow.com/review/suggested-edits/16043574) was rejected, unfortunately. Feel free to add them and ping me that I will delete my = your answer enhanced. – Dominik Jun 22 '17 at 12:38
0

Enhancement of @csprabala's answer as my edit of his answer was rejected. Credits go to @csprabala.

  1. Create a certificate using the program makecert. You find it either in your Visual Studio command window or in another location. Run this command:

    makecert -sky exchange -r -n "CN=<certname>" -pe -a sha512 -len 2048 - sv "<certname>.pvk" "<certname>.cer"

  2. Upload the <certname>.cer file in the settings portion of the Azure management portal .

  3. Create a <certname>.pfx file containing the private key with this command (program is in the same location as in 1.):

    pvk2pfx.exe -pvk "<certname>.pvk" -spc "<certname>.cer" -pfx "<certname>. pfx"

  4. Import the file <certname>.pfx to the Windows user certificates store. You can do this in Chrome in the settings under "HTTPS/SSL" > "Manage Certificates ...". The "Personal" certificate store is appropriate.

  5. Make the REST call using Postman.

Dominik
  • 2,283
  • 1
  • 25
  • 37