Accessing PFX password in deployment script when generated with custom password

stevo · January 25, 2024, 10:39am

I’m using a powershell post deployment script to convert the generated pfx to PEM files. As I know what password I’ve used for the pfx I can hard-code that into the PFX->PEM conversion functions and it all works fine.

However we may need to start rotating these passwords in the future, and if we do I’d like to be able to programmatically determine the password used in the post_deployment script from the params block.

Currently I can see the credential id; are there any plans to expose these credentials ?

tdmarchetta · January 26, 2024, 5:19am

I’m just curious why do you have a powershell script to take the PFX and convert it to PEM when the function’s already built into certify the web?

webprofusion · January 26, 2024, 6:00am

A future version may have some kind of API for access to stored credentials but currently that’s not available.

As @tdmarchetta suggests I would encourage the use of the built in PEM export via the Deploy to Generic Server deployment task (as in the above screenshot) or the Export Certificate task.