Connect-AzureAD: Invalid provider type specified

Meant to blog about this a while back, and now I’ve forgotten what the issue was. Hoping some half information is more useful to anyone stumbling upon this post than no information at all! :)

I was trying to connect to AzureAD with a self-signed certificate a while back. I imported the PFX file into my local cert store, then I was trying something like this:

This gave me the above Invalid provider type specified error. Googling on this didn’t give many results but two posts finally helped: this, and this.

I had generated my original self-signed certificate via openssl on my Mac, and something about that wasn’t right I suppose. Originally the cert didn’t have a password and when I regenerated it with a password it worked fine. (I think this is what my fix was :) Like I said it’s been a while and I’ve forgotten…)

Unfortunately on macOS the New-SelfSignedCertificate cmdlet does not exist which is a bummer. I discovered this 3rd party module though so I try and use it instead of openssl nowadays (nothing against openssl, I just find it so difficult to remember its various switches).

A thing with self-signed certs is that some cmdlets require them to be passwordless. For instance the Connect-MgGraph cmdlet has no option to specify a password if you are passing it a PFX file (which I usually am as I am on my Mac). So while I can generate a cert via the module above, I then have to resort to openssl to remove its password. The module above does not have an option to spit out the public cert either, so again I need openssl. :) So yeah, not entirely free of openssl.

Anyhoo, in case it helps:

I run all the above in a PowerShell window on macOS, it can invoke the native openssl anyways…
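
As an added example (not the author's original commands), here is one way to do the two openssl steps described above from a PowerShell window on macOS: strip the password from a PFX and export the public certificate, then check the result. The file names, the `PFX_PASS` environment variable and the throwaway certificate are assumptions made for the demo.

```powershell
# Added example. File names, the CN and the password are constructed for the demo.
$work = Join-Path ([IO.Path]::GetTempPath()) "pfx-demo-$PID"
New-Item -ItemType Directory -Path $work | Out-Null
Push-Location $work
try {
    # Constructed input: a throwaway password-protected PFX standing in for
    # the one produced by the certificate module.
    $env:PFX_PASS = 'constructed-demo-password'
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj '/CN=pfx-demo' -keyout key.pem -out cert.pem
    openssl pkcs12 -export -inkey key.pem -in cert.pem -out protected.pfx -passout 'env:PFX_PASS'
    Remove-Item key.pem, cert.pem

    # 1. Unpack key + cert to PEM. 'env:' keeps the password off the command line.
    openssl pkcs12 -in protected.pfx -nodes -out unpacked.pem -passin 'env:PFX_PASS'
    # 2. Re-pack with an empty password (what a cmdlet with no password option needs).
    openssl pkcs12 -export -in unpacked.pem -out nopass.pfx -passout 'pass:'
    # 3. Public certificate only, without the private key.
    openssl pkcs12 -in protected.pfx -clcerts -nokeys -out bag.pem -passin 'env:PFX_PASS'
    openssl x509 -in bag.pem -out public.cer

    # The private key in nopass.pfx is now unencrypted: remove the intermediate
    # PEM files and make the PFX readable by the current user only.
    Remove-Item unpacked.pem, bag.pem
    chmod 600 nopass.pfx

    # Check: the passwordless PFX opens with an empty password and holds the
    # same certificate as public.cer.
    openssl pkcs12 -in nopass.pfx -nokeys -out check.pem -passin 'pass:'
    if ($LASTEXITCODE -ne 0) { throw 'nopass.pfx did not open with an empty password' }
    $fromPfx = openssl x509 -in check.pem -noout -fingerprint -sha256
    $fromCer = openssl x509 -in public.cer -noout -fingerprint -sha256
    if ($fromPfx -ne $fromCer) { throw 'Fingerprint mismatch between nopass.pfx and public.cer' }
    "OK: $fromCer (files in $work)"
}
finally {
    Remove-Item Env:PFX_PASS -ErrorAction SilentlyContinue
    Pop-Location
}
```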