Why am I getting “Key credential start date is invalid.” trying to create a Active Directory Service Principal

Question

I\'ve been trying to consolidate a bunch of operations around creating and refreshing AD Service Principals and Applications. The flow I\'m having trouble with is:

Answer 1

According to your error log, it seems that time format is wrong. I suggest you could use [System.DateTime]::Now to set time. I test in my lab, I don't meet your error log, the following script works for me. I suggest you could test.

##import certificate to key valut
$Password = ConvertTo-SecureString -String "*******" -AsPlainText -Force
Import-AzureKeyVaultCertificate -VaultName "shuikey" -Name "ImportCert01" -FilePath "C:\shui.pfx" -Password $Password
##set start time and expire time
$now = [System.DateTime]::Now
$yearfromnow = $now.AddYears(1)
##Get certificate from key vault
$cert=Get-AzureKeyVaultCertificate -VaultName certs -Name CertName

New-AzureRmADServicePrincipal -DisplayName "Cert access" -CertValue $([System.Convert]::ToBase64String($cert.Certificate.GetRawCertData())) -StartDate $now -EndDate $yearfromnow