Create the Azure service fabric cluster from portal
- select the basic on security, where the server certificate will be created by portal and stored in the key vault
- go to the key vault and download the generated server certificate to local.
open PowerShell
Get-ChildItem -Path "Cert:\LocalMachine\CA"
get the list of certificates and find the generated server certificate and note the thumbprint and subject
$cert = Get-ChildItem -Path "Cert:\LocalMachine\CA\Thumbprint"
load the cert to variable $cert
New-SelfSignedCertificate -Type Custom -KeySpec Signature `
-Subject "CN=eastus.cloudapp.azure.com" -KeyExportPolicy Exportable `
-HashAlgorithm sha256 -KeyLength 2048 `
-CertStoreLocation "Cert:\CurrentUser\My" `
-Signer $cert -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.2")
create client certificate
- export the client certificate to local pfx
- generate base64 version. [System.Convert]::ToBase64String([System.IO.File]::ReadAllBytes("C:\users\userid\Documents\pandaciclient.pfx"))