Check your eligibility for this 50% exam voucher offer and join us for free live learning sessions to get prepared for Exam DP-700.
Get StartedDon't miss out! 2025 Microsoft Fabric Community Conference, March 31 - April 2, Las Vegas, Nevada. Use code MSCUST for a $150 discount. Prices go up February 11th. Register now.
Hi Everyone,
I am looking for some help to know if there is a way to sign the PQX (custom connector) using Azure Key Vault and AzureSignTool.
Is there any existing way?
I know how to sign the connector with the MakePQX, but for now, it is not an alternative to use a PFX format for the certificate.
Thank you,
Regards.
Hi @aortega1313
Based on your description, you can refer to the following link.
It offer some suggestion about it.
Best Regards!
Yolo Zhu
If this post helps, then please consider Accept it as the solution to help the other members find it more quickly.
Hi @FarhanJeelani!
Thanks for the help. I made the test but I'm receive the next error.
The file cannot be signed because it is not a recognized file type for signing or it is corrupt.
I'm using the next project with this command: https://github.com/vcsjones/AzureSignTool
AzureSignTool.exe sign -du "https://vcsjones.com" \
-fd sha256 -kvu https://my-vault.vault.azure.net \
-kvi 01234567-abcd-ef012-0000-0123456789ab \
-kvt 01234567-abcd-ef012-0000-0123456789ab \
-kvs <token> \
-kvc my-key-name \
-tr http://timestamp.digicert.com \
-v \
C:\connector.pqx
Should I use a different version or another project?
Hi @aortega1313 ,
Yes, you can sign a Power Query Custom Connector (PQX) using Azure Key Vault and AzureSignTool. Here's how:
Store your certificate in Azure Key Vault and ensure it's accessible.
Grant your service principal or user the necessary permissions to access the certificate in Key Vault (e.g., Key Vault Sign permission).
Install AzureSignTool on your machine.
Use the AzureSignTool to sign the PQX file by pointing it to the certificate in Azure Key Vault with the following command:
AzureSignTool sign /fd sha256 /a /v /sha256 <certificate-thumbprint> /kvc <keyvault-name> <path-to-pqx>
This will sign your PQX file using the certificate stored in Azure Key Vault, without needing to use MakePQX for the certificate.
Please mark this as solution if it helps. Appreciate Kudos.
March 31 - April 2, 2025, in Las Vegas, Nevada. Use code MSCUST for a $150 discount!
Check out the January 2025 Power BI update to learn about new features in Reporting, Modeling, and Data Connectivity.