I've been setting up a new OIM environment in Azure using AKS with Windows Containers built from the One Identity Images on Docker Hub.
Following the documentation I'm mounting my custom certs into C:\ca-certificates (from Azure KeyVault via SecretProviderClass).
When the container deploys and starts running c:\bin\run.ps1 the certs are found and the script attempts to import them into Cert:\LocalMachine\Root\
This fails with the following error and the pod crashes.
```
Import-Certificate : Error HRESULT E_FAIL has been returned from a call to a COM component.
At line:34 char:62
+ Import-Certificate -CertStoreLocation Cert:\LocalMachine\Root\ -FileP ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Import-Certificate], COMException
+ FullyQualifiedErrorId : System.Runtime.InteropServices.COMException,Microsoft.CertificateServices.Commands.Impor
tCertificateCommand
```
Connecting to the host at the time that the container image is being configured by run.ps1, I can see that Windows isn't fully initiated and that is what is causing the import to fail.
If I mount my certs to a different path they aren't found in the default path and the container builds and runs as expected.
Running the Install-Scriptsfrompath function from run.ps1 at this time (after setting $path) works as expected.
I've attempted this on both the JobServer and AppServer images with the same failure.
Any guidance would be greatly appreciated.
Cheers,
DR