diff --git a/src/RecoveryServices/RecoveryServices.Backup.ServiceClientAdapter/RecoveryServices.Backup.ServiceClientAdapter.csproj b/src/RecoveryServices/RecoveryServices.Backup.ServiceClientAdapter/RecoveryServices.Backup.ServiceClientAdapter.csproj
index 79d8dd649e26..337508b0605d 100644
--- a/src/RecoveryServices/RecoveryServices.Backup.ServiceClientAdapter/RecoveryServices.Backup.ServiceClientAdapter.csproj
+++ b/src/RecoveryServices/RecoveryServices.Backup.ServiceClientAdapter/RecoveryServices.Backup.ServiceClientAdapter.csproj
@@ -12,7 +12,7 @@
-
+
diff --git a/src/RecoveryServices/RecoveryServices.Backup.Test/RecoveryServices.Backup.Test.csproj b/src/RecoveryServices/RecoveryServices.Backup.Test/RecoveryServices.Backup.Test.csproj
index ea787f3990f9..8b30984c2648 100644
--- a/src/RecoveryServices/RecoveryServices.Backup.Test/RecoveryServices.Backup.Test.csproj
+++ b/src/RecoveryServices/RecoveryServices.Backup.Test/RecoveryServices.Backup.Test.csproj
@@ -13,7 +13,7 @@
-
+
diff --git a/src/RecoveryServices/RecoveryServices.Backup/RecoveryServices.Backup.csproj b/src/RecoveryServices/RecoveryServices.Backup/RecoveryServices.Backup.csproj
index a7fa6cc5debc..f1962e675587 100644
--- a/src/RecoveryServices/RecoveryServices.Backup/RecoveryServices.Backup.csproj
+++ b/src/RecoveryServices/RecoveryServices.Backup/RecoveryServices.Backup.csproj
@@ -12,7 +12,7 @@
-
+
diff --git a/src/RecoveryServices/RecoveryServices.SiteRecovery.Test/RecoveryServices.SiteRecovery.Test.csproj b/src/RecoveryServices/RecoveryServices.SiteRecovery.Test/RecoveryServices.SiteRecovery.Test.csproj
index dccdec544db8..9593acfac106 100644
--- a/src/RecoveryServices/RecoveryServices.SiteRecovery.Test/RecoveryServices.SiteRecovery.Test.csproj
+++ b/src/RecoveryServices/RecoveryServices.SiteRecovery.Test/RecoveryServices.SiteRecovery.Test.csproj
@@ -13,7 +13,7 @@
-
+
diff --git a/src/RecoveryServices/RecoveryServices.SiteRecovery/RecoveryServices.SiteRecovery.csproj b/src/RecoveryServices/RecoveryServices.SiteRecovery/RecoveryServices.SiteRecovery.csproj
index 7c2df6443536..7fcbdc854ab9 100644
--- a/src/RecoveryServices/RecoveryServices.SiteRecovery/RecoveryServices.SiteRecovery.csproj
+++ b/src/RecoveryServices/RecoveryServices.SiteRecovery/RecoveryServices.SiteRecovery.csproj
@@ -13,7 +13,7 @@
-
+
diff --git a/src/RecoveryServices/RecoveryServices.Test/RecoveryServices.Test.csproj b/src/RecoveryServices/RecoveryServices.Test/RecoveryServices.Test.csproj
index fa0ddea9f081..5acec09ae072 100644
--- a/src/RecoveryServices/RecoveryServices.Test/RecoveryServices.Test.csproj
+++ b/src/RecoveryServices/RecoveryServices.Test/RecoveryServices.Test.csproj
@@ -11,7 +11,7 @@
-
+
diff --git a/src/RecoveryServices/RecoveryServices/Models/RSBackupVaultAADCreds.cs b/src/RecoveryServices/RecoveryServices/Models/RSBackupVaultAADCreds.cs
index 03ad99e2c3ab..53540631503f 100644
--- a/src/RecoveryServices/RecoveryServices/Models/RSBackupVaultAADCreds.cs
+++ b/src/RecoveryServices/RecoveryServices/Models/RSBackupVaultAADCreds.cs
@@ -86,21 +86,27 @@ public class RSBackupVaultAADCreds
public string AadTenantId { get; set; }
///
- /// Gets or sets the Service Principal Client Id.
+ /// Gets or sets the values for AadAudience.
///
[DataMember(Order = 11)]
+ public string AadAudience { get; set; }
+
+ ///
+ /// Gets or sets the Service Principal Client Id.
+ ///
+ [DataMember(Order = 12)]
public string ServicePrincipalClientId { get; set; }
///
/// Gets or sets the Id Management Endpoint.
///
- [DataMember(Order = 12)]
+ [DataMember(Order = 13)]
public string IdMgmtRestEndpoint { get; set; }
///
/// Gets or sets the agent links
///
- [DataMember(Order = 13)]
+ [DataMember(Order = 14)]
public string AgentLinks { get; set; }
}
}
diff --git a/src/RecoveryServices/RecoveryServices/RecoveryServices.csproj b/src/RecoveryServices/RecoveryServices/RecoveryServices.csproj
index 80944d176d5d..075d2aa37a1a 100644
--- a/src/RecoveryServices/RecoveryServices/RecoveryServices.csproj
+++ b/src/RecoveryServices/RecoveryServices/RecoveryServices.csproj
@@ -11,7 +11,7 @@
-
+
diff --git a/src/RecoveryServices/RecoveryServices/Vault/GetAzureRMRecoveryServicesVaultSettingsFile.cs b/src/RecoveryServices/RecoveryServices/Vault/GetAzureRMRecoveryServicesVaultSettingsFile.cs
index 68b58b8a70f6..740a15fd5fc9 100644
--- a/src/RecoveryServices/RecoveryServices/Vault/GetAzureRMRecoveryServicesVaultSettingsFile.cs
+++ b/src/RecoveryServices/RecoveryServices/Vault/GetAzureRMRecoveryServicesVaultSettingsFile.cs
@@ -235,25 +235,16 @@ private void GetBackupCredentialsWithCertificate(string certificate)
{
// Upload cert into ID Mgmt
WriteDebug(string.Format(CultureInfo.InvariantCulture, Resources.UploadingCertToIdmgmt));
- X509Certificate2 x509 = new X509Certificate2();
- byte[] data = Convert.FromBase64String(certificate);
- x509.Import(data);
- var bytes = x509.RawData;
- var certificateArgs = new CertificateRequest
- {
- Properties = new RawCertificateData {Certificate = bytes, AuthType = AuthType.AAD}
- };
-
var dateString = DateTime.Now.ToString("M-d-yyyy");
- var friendlyName = string.Format("{0}{1}-{2}-vaultcredentials", Vault.Name, subscriptionId, dateString);
+ var friendlyName = string.Format("CN={0}{1}-{2}-vaultcredentials", Vault.Name, subscriptionId, dateString);
vaultCertificateResponse = RecoveryServicesClient.GetRecoveryServicesClient.VaultCertificates.CreateWithHttpMessagesAsync(
Vault.ResourceGroupName,
Vault.Name,
friendlyName,
- certificateArgs.Properties,
+ null,
RecoveryServicesClient.GetRequestHeaders()).Result.Body;
WriteDebug(string.Format(CultureInfo.InvariantCulture, Resources.UploadedCertToIdmgmt));
}
@@ -263,7 +254,7 @@ private void GetBackupCredentialsWithCertificate(string certificate)
}
// generate vault credentials
- var vaultCredsFileContent = GenerateVaultCredsForBackup(certificate, subscriptionId, vaultCertificateResponse);
+ var vaultCredsFileContent = GenerateVaultCredsForBackup(subscriptionId, vaultCertificateResponse);
// NOTE: One of the scenarios for this cmdlet is to generate a file which will be an input
// to DPM servers.
@@ -307,28 +298,18 @@ private void GetSiteRecoveryCredentialsWithCertificate(string certificate)
var fullFilePath = System.IO.Path.Combine(filePath, fileName);
// Upload cert into ID Mgmt
WriteDebug(string.Format(CultureInfo.InvariantCulture, Resources.UploadingCertToIdmgmt));
- X509Certificate2 x509 = new X509Certificate2();
- byte[] data = Convert.FromBase64String(certificate);
- x509.Import(data);
- var bytes = x509.RawData;
- var certificateArgs = new CertificateRequest
- {
- Properties = new RawCertificateData {Certificate = bytes, AuthType = AuthType.AAD}
- };
var dateString = DateTime.Now.ToString("M-d-yyyy");
-
- var friendlyName = string.Format("{0}{1}-{2}-vaultcredentials", Vault.Name, subscriptionId, dateString);
+ var friendlyName = string.Format("CN={0}{1}-{2}-vaultcredentials", Vault.Name, subscriptionId, dateString);
var vaultCertificateResponse = RecoveryServicesClient.GetRecoveryServicesClient.VaultCertificates.CreateWithHttpMessagesAsync(
Vault.ResourceGroupName,
Vault.Name,
friendlyName,
- certificateArgs.Properties,
+ null,
RecoveryServicesClient.GetRequestHeaders()).Result.Body;
WriteDebug(string.Format(CultureInfo.InvariantCulture, Resources.UploadedCertToIdmgmt));
var vaultCredsFileContent = GenerateVaultCredsForSiteRecovery(
- certificate,
subscriptionId,
vaultCertificateResponse,
site);
@@ -418,7 +399,6 @@ private void GetSiteRecoveryCredentials()
var managementCert = CertUtils.SerializeCert(cert, X509ContentType.Pfx);
// generate vault credentials
var vaultCredsFileContent = GenerateVaultCredsForSiteRecovery(
- managementCert,
subscription.Id,
vaultCertificateResponse,
site);
@@ -548,7 +528,7 @@ private string GenerateVaultCreds(X509Certificate2 cert, string subscriptionId,
try
{
var certString = CertUtils.SerializeCert(cert, X509ContentType.Pfx);
- return GenerateVaultCredsForBackup(certString, subscriptionId, vaultCertificateResponse);
+ return GenerateVaultCredsForBackup(subscriptionId, vaultCertificateResponse);
}
catch (Exception exception)
{
@@ -559,19 +539,31 @@ private string GenerateVaultCreds(X509Certificate2 cert, string subscriptionId,
///
/// Generates vault creds file content for backup Vault
///
- /// management certificate
/// subscription Id
/// acs namespace
/// xml file in string format
- private string GenerateVaultCredsForBackup(string certificateString, string subscriptionId,
+ private string GenerateVaultCredsForBackup(string subscriptionId,
VaultCertificateResponse vaultCertificateResponse)
{
+ string certificateString = Convert.ToBase64String(
+ vaultCertificateResponse.Properties.Certificate);
+
using (var output = new MemoryStream())
{
using (var writer = XmlWriter.Create(output, GetXmlWriterSettings()))
{
var aadDetails = vaultCertificateResponse.Properties as ResourceCertificateAndAadDetails;
+ string aadAudience = aadDetails.AadAudience;
+ if (string.IsNullOrEmpty(aadAudience))
+ {
+ aadAudience = string.Format(CultureInfo.InvariantCulture,
+ @"https://RecoveryServiceVault/{0}/{1}/{2}",
+ Vault.Location,
+ Vault.Name,
+ aadDetails.ResourceId);
+ }
+
var vaultCreds = new RSBackupVaultAADCreds
{
SubscriptionId = subscriptionId,
@@ -580,6 +572,7 @@ private string GenerateVaultCredsForBackup(string certificateString, string subs
ResourceId = aadDetails.ResourceId.Value,
AadAuthority = aadDetails.AadAuthority,
AadTenantId = aadDetails.AadTenantId,
+ AadAudience = aadAudience,
ServicePrincipalClientId = aadDetails.ServicePrincipalClientId,
IdMgmtRestEndpoint = aadDetails.AzureManagementEndpointAudience,
ProviderNamespace = PSRecoveryServicesClient.ProductionRpNamespace,
@@ -603,12 +596,11 @@ private string GenerateVaultCredsForBackup(string certificateString, string subs
///
/// Generates vault creds file content for Site Recovery Vault
///
- /// management certificate
/// subscription Id
/// vaultCertificate Response
/// asrSite Info
/// xml file in string format
- private string GenerateVaultCredsForSiteRecovery(string managementCert, string subscriptionId,
+ private string GenerateVaultCredsForSiteRecovery(string subscriptionId,
VaultCertificateResponse vaultCertificateResponse, ASRSite asrSite)
{
using (var output = new MemoryStream())
@@ -618,6 +610,8 @@ private string GenerateVaultCredsForSiteRecovery(string managementCert, string s
var aadDetails = vaultCertificateResponse.Properties as ResourceCertificateAndAadDetails;
var resourceProviderNamespace = string.Empty;
var resourceType = string.Empty;
+ string certificateString =
+ Convert.ToBase64String(vaultCertificateResponse.Properties.Certificate);
Utilities.GetResourceProviderNamespaceAndType(Vault.ID, out resourceProviderNamespace, out resourceType);
@@ -635,12 +629,16 @@ private string GenerateVaultCredsForSiteRecovery(string managementCert, string s
ARMResourceType = resourceType
});
- //Code taken from Ibiza code
- var aadAudience = string.Format(CultureInfo.InvariantCulture,
- @"https://RecoveryServiceVault/{0}/{1}/{2}",
- Vault.Location,
- Vault.Name,
- aadDetails.ResourceId);
+ string aadAudience = aadDetails.AadAudience;
+ if (string.IsNullOrEmpty(aadAudience))
+ {
+ //Code taken from Ibiza code
+ aadAudience = string.Format(CultureInfo.InvariantCulture,
+ @"https://RecoveryServiceVault/{0}/{1}/{2}",
+ Vault.Location,
+ Vault.Name,
+ aadDetails.ResourceId);
+ }
var vaultCreds = new RSVaultAsrCreds
{
@@ -654,7 +652,7 @@ private string GenerateVaultCredsForSiteRecovery(string managementCert, string s
ResourceType = RecoveryServicesVaultType,
ProviderNamespace = PSRecoveryServicesClient.ProductionRpNamespace
},
- ManagementCert = managementCert,
+ ManagementCert = certificateString,
Version = VaultCredentialVersionAad,
AadDetails = new ASRVaultAadDetails
{