Actionable Data Analytics
Join Our Email List for Data News Sent to Your Inbox
In Analytics, Azure Data Factory

Upload Azure Data Factory Open SSH Key to Azure Key Vault

Posted on
Pin it Azure Key Vault SSH Key

If you’re trying to upload your private SSH keys to Azure Key Vault to be used in Azure Data Factory, you’ll get an error while testing the connection. 

In this post, you’ll learn how to how to solve the issue of uploading an SSH Key to Azure Key Vault for use in Azure Data Factory. 

The Problem

To begin, the following error is displayed when using the Azure Portal web browser experience to upload the key: 

Error: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters. 

Error message in Azure Portal web browser

In this case, we were trying to upload the certificate using the web browser experience to copy the key within a secret. By doing this, the format of the string changes from Base-64 encoding to string. 

The web experience to upload the SSH Key manually is: 

Upload SSH Key manually

The Solution

Luckily, this problem has a solution. You just need to upload the private key using PowerShell with the following code. You can also get a copy of the code from this link

# Connect to your account 

Connect-AzureRmAccount 

 

# Connect to subscription 

Set-AzureRmContext -SubscriptionId "XXXXX-XXXXX-XXXXX-XXXXX-XXXXX" 

 

# Define variables 

 

# Define Path 

$PrivateKey = [System.IO.File]::ReadAllBytes("C:\Your file") 

 

# Convert to base 64 and to secure string 

$Base64 = [System.Convert]::ToBase64String($PrivateKey) 

$Secret = ConvertTo-SecureString -String $Base64 -AsPlainText -Force 

 

# Upload key to Azure Key Vault secret  

Set-AzureKeyVaultSecret -VaultName 'KeyVault-Name' -Name 'SecretName' -SecretValue $Secret
Azure Key Vault

Summary 

In summary, you have explored how to solve the issue of uploading a SSH Key to Azure Key Vault for use in Azure Data Factory. The problem has a simple solution. 

What’s Next? 

In upcoming blog posts, we’ll continue to explore some of the features within Azure Services.       

Please follow Tech Talk Corner on Twitter for blog updates, virtual presentations, and more!     

As always, please leave any comments or questions below.     

Check out my other posts

3 Good Reasons to Use Azure Functions
Azure Synapse Analytics Notebooks
Self-Hosted Integration Runtime
comments [ 2 ]
share
No tags 0
As a Data Architect, I help organisations to adopt Azure data analytics technologies that mitigate some of their business challenges. I’ve been working in the data analytics space since 2011, mainly in the data warehousing area and I’m specialized in the design and implementation of data analytics solutions with Microsoft technologies. I am responsible for providing end-to-end technical guidance and expertise across multiple data analytics projects.
previously

previously

Azure Data Factory Analytics Monitor
up next

up next

Point-In-Time Restore for Blob Storage Accounts
2 Responses
  • Niklas
    21 . 09 . 2021

    The following part is not necessary.
    $Secret = ConvertTo-SecureString -String $Base64 -AsPlainText -Force

    A base64 string must be uploaded.
    Set-AzureKeyVaultSecret -VaultName ‘KeyVault-Name’ -Name ‘SecretName’ -SecretValue $Base64

    Reply
  • Milan Nagy
    14 . 01 . 2023

    Thank you very much. It worked.

    Reply

Do you want to leave a comment?

Your email address will not be published. Required fields are marked *

For security, use of Google's reCAPTCHA service is required which is subject to the Google Privacy Policy and Terms of Use.

I agree to these terms.