[BUG]: AzureCLI@2 az login fails when using certificate for authentication starting from version 2.67.0 of Azure CLI

[jan-msc]

Starting from version 2.67.0, for az login, --password no longer accepts service principal certificate. Use --certificate to pass a service principal certificate.
AzureCLI@2 does not use the --certificate parameter to pass the service principal certificate resulting in:
ERROR: AADSTS7000215: Invalid client secret provided. Ensure the secret being sent in the request is the client secret value, not the client secret ID, for a secret added to app '***'. The error may be caused by passing a service principal certificate with --password. Please note that --password no longer accepts a service principal certificate. To pass a service principal certificate, use --certificate instead.

[NakagawaMakoto]

I am experiencing the same issue. Is there any way to downgrade azure cli to prior version?

[jan-msc]

@NakagawaMakoto : Azure CLI has no downgrade functionality but you can uninstall it and install the desired version (2.66.0) instead.

[NakagawaMakoto]

Yes, of course, it is me who is responsible for the version of azcli on the pipeline agent's host. I should have known better. Thank you for reminding me of the fact.

[RichieBzzzt]

To work around this issue we added this step to our builds. Would love to see the issue fixed though!

    apt-get remove -y azure-cli
    apt-get install -y azure-cli=2.66.0-1~focal```

[mhever]

This is breaking user pipelines on our side, this should be fixed asap.