创建HDInsight+；使用azure cli和模板的Datalake群集

我正在尝试创建HDInsight Spark群集。我还想在HDInsight集群中使用Datalake存储。我已经生成了一个连接HDInsight和Datalake的证书。我已经在门户网站上完成了，并下载了模板和证书。现在我使用Azure CLI创建集群，并在需要时自动删除它

deploy.sh（我刚刚在最后一个命令中添加了详细和调试选项）

parameters.json（我想我的问题来自这个文件）

在parameter.json中需要填写“clusterLoginPassword”、“sshPassword”、“identityCertificate”和“identityCertificatePassword”。我尝试过用不同的方式填充这些字段，但都有错误

3个字符串值为“XXXXX”的密码字段，以及带有证书文件“cert download.pfx”路径的identityCertificate

结果：

"code": "BadRequest",
  "message": "User input validation failed. Errors: The request payload is invalid. The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters. "

"code": "BadRequest",
  "message": "User input validation failed. Errors: The request payload is invalid. The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters. "

将密码转换为base 64

结果：

"code": "BadRequest",
  "message": "User input validation failed. Errors: The request payload is invalid. The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters. "

"code": "BadRequest",
  "message": "User input validation failed. Errors: The request payload is invalid. The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters. "

正如我在模板文件中看到的，所有类型为securestring的文件，使用以下powershell代码，我在base64中获得了证书的内容：

我把结果放在参数文件中

结果：

"code": "BadRequest",
  "message": "DeploymentDocument 'AmbariConfiguration_1_7' failed the validation. Error: 'Service Principal Details are invalid - The private key is not present in the X.509 certificate.',DeploymentDocument 'AmbariConfiguration_1_7' failed the validation. Error: 'Error while getting access to the datalake storage account vivienda: The private key is not present in the X.509 certificate..'"

我也读过有关密钥库的内容，但我还没有从parameters.json文件中看到如何使用它

---

因此，我需要帮助以正确的方式填写parameters.json:）

您的问题解决了吗？

    PS /tmp/azure> $certPassword = "XXXXXXXX"
    PS /tmp/azure> $certFilePath = "cert-download.pfx"
    PS /tmp/azure> $certPasswordSecureString = ConvertTo-SecureString $certPassword -AsPlainText -Force
    
    PS /tmp/azure> $certificatePFX = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($certFilePath, $certPasswordSecureString)
    PS /tmp/azure> $credential = [System.Convert]::ToBase64String($certificatePFX.GetRawCertData())
    PS /tmp/azure> $credential
    MIICnjCCAYagAwIBAgIQTOVQViiwq4NKlPOYRGjZ8TANBgkqhkiG9w0BAQUFADALMQkwBwYDVQQDEwAwHhcNMTgxMDIzMjIwMDAwWhcNMTkxMDIzMjIwMDAwWjALMQkwBwYDVQQDEwAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCV2J/jquMaey+iEzjheH/J860T3J3B3Cc6kW7nBmSeGd436JD6RMxoeYGC66kq15VMFh6sscU8a0I3QLJtQaOPRk03bLftSilfVZelblVf0530GYqddrWGRH2JVPX850/25mXuPEtbFkURVFrBDS7YEyQsIQUdJpnCwqvRjMzrwKm3WfwWrA02gs8xbjr9JokHdZE1wXj7nYAVuI+fsNAQFCtC1veXw+3ofxd8dEY0hSWb8209ug0j67OuVPhFqEaCbit+pCqq4shoYY/14Bf4jZhkm8ssED78oDQGqLRlknqDuD8m4gV8Ln9UTEfgdTU2eKKTQsOFMSY6dV8H26gdAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAG+IEqkQbuHpbS1viqs8IyqIuVTDron+ZCp0rPv/4i17KaEyO/40zMOies8XCwJRDKKcFeLEmVXyCPVVY9Fn3UyRtCA9T7eams1reBX/hBy+vUeeYPKCBNpsAk9akLFdxq8zYIPw9CNFV4imuM/UFYrF+dmYeMeYENvWGpYG0LtSWfm6T9z+T3+iOhVQ1r7ZE10ZHB4IFGIlYd7HThNDicQHbtZMXus8iQllTcPJmU8heYuuHoi5we5LAwFnrvqgGdcGKwMY+9OLll7bna+9ZzojMea+TkHCNN+KY07M3YxgI6sGE7CmUNotCmGChFCpie+7D8rqPSql8zV+FnnK6ps=

"code": "BadRequest",
  "message": "DeploymentDocument 'AmbariConfiguration_1_7' failed the validation. Error: 'Service Principal Details are invalid - The private key is not present in the X.509 certificate.',DeploymentDocument 'AmbariConfiguration_1_7' failed the validation. Error: 'Error while getting access to the datalake storage account vivienda: The private key is not present in the X.509 certificate..'"