Actionable Data Analytics
Join Our Email List for Data News Sent to Your Inbox

Upload Azure Data Factory Open SSH Key to Azure Key Vault

If you’re trying to upload your private SSH keys to Azure Key Vault to be used in Azure Data Factory, you’ll get an error while testing the connection. 

In this post, you’ll learn how to how to solve the issue of uploading an SSH Key to Azure Key Vault for use in Azure Data Factory. 

The Problem

To begin, the following error is displayed when using the Azure Portal web browser experience to upload the key: 

Error: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters. 

Error message in Azure Portal web browser

In this case, we were trying to upload the certificate using the web browser experience to copy the key within a secret. By doing this, the format of the string changes from Base-64 encoding to string. 

The web experience to upload the SSH Key manually is: 

Upload SSH Key manually

The Solution

Luckily, this problem has a solution. You just need to upload the private key using PowerShell with the following code. You can also get a copy of the code from this link

# Connect to your account 

Connect-AzureRmAccount 

 

# Connect to subscription 

Set-AzureRmContext -SubscriptionId "XXXXX-XXXXX-XXXXX-XXXXX-XXXXX" 

 

# Define variables 

 

# Define Path 

$PrivateKey = [System.IO.File]::ReadAllBytes("C:\Your file") 

 

# Convert to base 64 and to secure string 

$Base64 = [System.Convert]::ToBase64String($PrivateKey) 

$Secret = ConvertTo-SecureString -String $Base64 -AsPlainText -Force 

 

# Upload key to Azure Key Vault secret  

Set-AzureKeyVaultSecret -VaultName 'KeyVault-Name' -Name 'SecretName' -SecretValue $Secret   

 
Azure Key Vault

Summary 

In summary, you have explored how to solve the issue of uploading a SSH Key to Azure Key Vault for use in Azure Data Factory. The problem has a simple solution. 

What’s Next? 

In upcoming blog posts, we’ll continue to explore some of the features within Azure Services.       

Please follow Tech Talk Corner on Twitter for blog updates, virtual presentations, and more!     

As always, please leave any comments or questions below.     

Check out my other posts

comments [ 2 ]
share
No tags 0
2 Responses
  • Niklas
    21 . 09 . 2021

    The following part is not necessary.
    $Secret = ConvertTo-SecureString -String $Base64 -AsPlainText -Force

    A base64 string must be uploaded.
    Set-AzureKeyVaultSecret -VaultName ‘KeyVault-Name’ -Name ‘SecretName’ -SecretValue $Base64

  • Milan Nagy
    14 . 01 . 2023

    Thank you very much. It worked.

Do you want to leave a comment?

Your email address will not be published. Required fields are marked *