[Bug] Using pnp.powershell in azure function with certificate auth, works for a while then results in "The system cannot find the file specified" errors during connection

[Slickspacestech]

I have a project I wrote using powershell core 7.4 in Azure functions.

I'm using Pnp.Powershell 2.12.0

The project works... for a little while, the starts throwing errors.

The certificate is stored in an Azure Key Vault.

I use this to retreive the certificate in base64
$cert = Get-AzKeyVaultSecret -VaultName $vaultName -Name $name -AsPlainText

then use this to connect:
connect-pnponline -Url $url -Tenant $tenantid -ApplicationId $appid -CertificateBase64Encoded $cert

If it stop and restart the function it will work for a while before eventually throwing these errors (typically 2-10 runs before failing)

ERROR: The system cannot find the file specified. Exception : Type : System.Security.Cryptography.CryptographicException TargetSite : Name : FilterPFXStore DeclaringType : [System.Security.Cryptography.X509Certificates.CertificatePal] MemberType : Method Module : System.Security.Cryptography.dll Message : The system cannot find the file specified. Data : System.Collections.ListDictionaryInternal Source : System.Security.Cryptography HResult : -2147024894 StackTrace : at System.Security.Cryptography.X509Certificates.CertificatePal.FilterPFXStore(ReadOnlySpan1 rawData, SafePasswordHandle password, PfxCertStoreFlags pfxCertStoreFlags) at System.Security.Cryptography.X509Certificates.CertificatePal.FromBlobOrFile(ReadOnlySpan1 rawData, String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags) at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(Byte[] rawData, SecureString password, X509KeyStorageFlags keyStorageFlags) at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(Byte[] rawData, SecureString password) at PnP.PowerShell.Commands.Base.ConnectOnline.ConnectAppOnlyWithCertificate() in c:\build\src\Commands\Base\ConnectOnline.cs:line 629 at PnP.PowerShell.Commands.Base.ConnectOnline.Connect(CancellationToken& cancellationToken) in c:\build\src\Commands\Base\ConnectOnline.cs:line 368 at PnP.PowerShell.Commands.Base.ConnectOnline.ProcessRecord() in c:\build\src\Commands\Base\ConnectOnline.cs:line 311 at System.Management.Automation.Cmdlet.DoProcessRecord() at System.Management.Automation.CommandProcessor.ProcessRecord() CategoryInfo : NotSpecified: (:) [Connect-PnPOnline], CryptographicException FullyQualifiedErrorId : System.Security.Cryptography.CryptographicException,PnP.PowerShell.Commands.Base.ConnectOnline InvocationInfo : MyCommand : Connect-PnPOnline ScriptLineNumber : 88 OffsetInLine : 9 HistoryId : 1 ScriptName : C:\home\site\wwwroot\FL\run.ps1 Line : connect-pnponline -Url $url -Tenant $tenantid -ApplicationId $appid -CertificateBase64Encoded $cert Statement : connect-pnponline -Url $url -Tenant $tenantid -ApplicationId $appid -CertificateBase64Encoded $cert

Would love for this to work consistently..