Table 1262 "Isolated Certificate" allows for uploading certificates and passwords into Isolated Storage.
Codeunit 1259 "Certificate Management" contains various procedures for working with the stored certificates through the records in table 1262.
The procedures in this codeunit are mostly marked as [Scope('OnPrem')], making them unusable for AppSource apps.
This limits the usage of the certificates uploaded through table 1262, requiring partners to make their own alternative certificate storage solutions if the included functionality is not adequate.
One situation in which the included functionality is not adequate, is when using a password protected p12 certificate file to authenticate webservice calls through codeunit 2350 "Rest Client".
The Rest Client requires the base64-encoded certificate, and the password. The currently available procedure "GetRawCertDataAsBase64String" in the "Certificate Management" codeunit does not meet these requirements, even if providing the password through other means.
This idea proposes removing the [Scope('OnPrem')] attribute on two procedures in the "Certificate Management" codeunit:
- GetCertAsBase64String(IsolatedCertificate: Record "Isolated Certificate"): Text
- GetPasswordAsSecret(IsolatedCertificate: Record "Isolated Certificate") StoredPassword: SecretText
Comments
GetCertAsBase64String should be moved to the System Application. The secrets themselves should be storen in Azure Key Vaults. Not in a BC database.
Category: Development
Microsoft should remove all Scope['OnPrem'], at the end of the day BC is a SaaS product, right ?Regards.
Category: Development