PropertyNotFoundException: The property 'Subject-Key-Identifier' happened when run the command Test-MsIdCBATrustStoreConfiguration

[vweitaowang]

Describe the bug

PropertyNotFoundException: The property 'Subject-Key-Identifier' happened when run the command Test-MsIdCBATrustStoreConfiguration

To Reproduce

Steps to reproduce the behavior:

1. Go to Japanse OS.
2. run the command Test-MsIdCBATrustStoreConfiguration in below public document,the following error is reported.

https://learn.microsoft.com/en-us/entra/identity/authentication/certificate-based-authentication-faq#how-do-i-validate-the-certificate-authority-configuration-

Error Information:

PropertyNotFoundException: The property 'Subject-Key-Identifier' cannot be found on this object. Verify that the property exists.

Expected behavior

PropertyNotFoundException don't happen.

Screenshots

If applicable, add screenshots to help explain your problem.

Environment (please complete the following information)

• Operating System: [Japanese Windows ]
• PowerShell Version: [PowerShell 7.4 ]
• MS Graph PowerShell SDK Module Version: [e.g. 1.6.2, 1.9.3, 2.0.0]

Additional context

I verified it in myself environment and same error happened.
for finding which part of my certificate has problem, I download the code below and tried debug the code,

https://github.com/AzureAD/MSIdentityTools
MSIdentityTools-main\MSIdentityTools-main\src
Test-MsIdCBATrustStoreConfiguration.ps1

but I Found problem should be in the following source code.

ForEach($Extension in $Cert.Extensions) {
Switch($Extension.Oid.FriendlyName) {
"Authority Key Identifier" {$objresult | Add-Member -type NoteProperty -name Authority-Key-Identifier -value ($Extension.Format($false)).trimstart("KeyID=")}
"Subject Key Identifier" {$objresult | Add-Member -type NoteProperty -name Subject-Key-Identifier -value $Extension.Format($false)}
} ##Switch
}## ForEach Extension

The $Cert contains a certificate read from the Entra ID certification authority, and when the FriendlyName is "Subject Key Identifie.",
This attribute will be added into the objresult(the objresult will use this attribute to compare with the AKI (Authority Key Identifier) content of the CRL.).

However, I found that value of $Extension.Oid.FriendlyName is "サブジェクト キー識別子" in the Japanese OS.

I tried modify the Test-MsIdCBATrustStoreConfiguration.ps1 into below, and this error (PropertyNotFoundException: The property 'Subject-Key-Identifier' cannot be found on this object. Verify that the property exists.） doesn't happen again.

    Switch($Extension.Oid.FriendlyName) {
        "Authority Key Identifier" {$objresult | Add-Member -type NoteProperty -name Authority-Key-Identifier -value ($Extension.Format($false)).trimstart("KeyID=")}
        "Subject Key Identifier"   {$objresult | Add-Member -type NoteProperty -name Subject-Key-Identifier -value $Extension.Format($false)}
        "サブジェクト キー識別子"   {$objresult | Add-Member -type NoteProperty -name Subject-Key-Identifier -value $Extension.Format($false)}
    } ##Switch

but there is not any comment about the command Test-MsIdCBATrustStoreConfiguration.ps1 couldn't be used except English OS.