如何在Azure App Service中存储用户证书? [英] How to store user certificates in Azure App Service?

问题描述

你好

我想在Azure App Service上运行我的应用程序.

I want to run my application on Azure App Service.

在应用程序中，用户应该能够将其X509用户证书(连接到外部API所必需的)上载到其用户帐户.

Within the application, a user should be able to upload his X509 user certificate, which is required for his connection to an external API, to his user account.

在虚拟机上，我将使用Windows证书存储区以编程方式将证书上传到存储区，并将其与用户帐户连接.在Azure Web服务中有什么方法可以做到这一点?我看过Key Vault，但是 似乎不支持此功能.

On a virtual machine I would use a Windows Certificate store to achieve programmatic uploading of the certificate to the store, and connect it with the user account. Is there any way to do this in the Azure Web Service? I've looked at the Key Vault but it doesn't seem to support this functionality.

谢谢.

推荐答案

.在应用程序设置"刀片中添加"WEBSITE_LOAD_CERTIFICATES"设置.

After uploading the certificate, try to add application settings called "WEBSITE_LOAD_CERTIFICATES" and add the thumbprint of the certificate you want to be loaded as the value. To do this, Navigate to Azure App Service Web App -> In the menu blade select "Application Settings" under "Settings" section -> add "WEBSITE_LOAD_CERTIFICATES" setting in "App Settings" blade.

在将应用程序发布到云之前，您还可以将值添加到网络中.配置

< add key = "WEBSITE_LOAD_CERTIFICATES" value = "指纹" />

<add key="WEBSITE_LOAD_CERTIFICATES" value=" thumbprint"/>

然后，您可以通过添加以下C#代码在应用程序中加载证书，

public X509Certificate2 GetCertificate(string thumbprint) {
   if (string.IsNullOrEmpty(thumbprint))
        throw new
ArgumentNullException("thumbprint", "Argument 'thumbprint'
cannot be 'null' or 'string.empty'");
    X509Certificate2 retVal = null;
    X509Store certStore = new
X509Store(StoreName.My, StoreLocation.CurrentUser);
    certStore.Open(OpenFlags.ReadOnly);
    X509Certificate2Collection certCollection =
certStore.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
    if (certCollection.Count > 0) {
        retVal = certCollection[0];
    }
    certStore.Close();
    return retVal;
}

参考: https://msftplayground.com/2016/11/using-certificates-azure-app-services/.

Reference: https://msftplayground.com/2016/11/using-certificates-azure-app-services/.

------------------ -------------------------------------------------- ---------------------------------

如果此答案有帮助，请单击标记为答案"或投票.要提供有关您的论坛的其他反馈 体验，请单击

If this answer was helpful, click "Mark as Answer" or Up-Vote. To provide additional feedback on your forum experience, click here

这篇关于如何在Azure App Service中存储用户证书?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！