0

I have a VMSS as a node poll of a service fabric managed cluster. Through the azure portal I added a certificate from a key vault to this node pool. The deployment failed with the message:

The secret retrieved from (edited) is not a properly encoded Base64 string

One of the VMSS instances has the changed applied and the certificate is visible in the os profile section, others don't have this change.

enter image description here

The things I tried to remove this certificate from the instance:

  1. Remove the certificate from the service fabric configuration - the certificate disappeared from the list in the service fabric configuration but is still present on the node
  2. Remove the certificate using Azure CLI with the command
    az vmss update --resource-group myrg --name myvmss --instance-id 0 --remove osProfile.secrets[0].vaultCertificates 2

It fails with the message as above.

  1. Edit the vmss configuration using https://resources.azure.com/ - it is accepting the modified json and puting it to the server but the change is not applied so it fails.

Is there another way to delete this certificate?

Damian
  • 2,752
  • 1
  • 29
  • 28
  • In above snip are you adding same certificate 3 times for one instances or 3 different certificate added on one instances? – Imran Aug 21 '23 at 20:06
  • Two certificates were already there, I added the third one and it caused the problem. – Damian Aug 22 '23 at 19:59

0 Answers0