访问上传的证书在Azure网站 [英] Accessing uploaded certificates in azure web sites
问题描述
当我使用Web角色,我只是在上传蔚蓝门户证书,我能看到它。现在我在蔚蓝已经切换到网站,我上传的Azure管理门户的证书,但我的code没有看到它。
有我们需要做一些配置或其他一些方式来访问Azure网站上传的证书。
这是我在尝试访问所上传的证书。
私人列表<串GT; GetAvailableCertificatesFromStore()
{
VAR名单=新名单,LT;串>();
VAR店=新的X509Store(StoreName.My,StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly); 尝试
{
的foreach(在store.Certificates VAR CERT)
{
// TODO:添加友好名称
list.Add(的String.Format({0},cert.Subject));
}
}
最后
{
store.Close();
} 返回列表;
}
更新 - 2015年7月23日:这个答案现在已经过时(这是在它虽然提供的时间正确的)。请参阅S以下阿姆斯特朗的答案。
在事的工作方式不同碧霞服务(Web /工作者角色)和 Azure的网站。在Azure的云服务时,通过上传管理门户的证书,并指定证书的指纹,并安装在你的角色的属性的位置,当你的角色在一个虚拟机部署网络控制器负责它还会自动安装这些证书给你。这是上面的code工作在Web角色的原因。
在网站上,你需要做你自己。不幸的是,因为在Azure的网站的安全性限制,你就不能安装在证书存储区的证书。使用证书,则需要包括证书的PFX文件与code和工作,该证书文件一起。您不能安装在证书存储中。
在任何我与Azure的网站和证书做一点工作,我发现,如果PFX文件包含在 AppData的文件夹中的证书才有效。你也可能会碰到像错误CryptographicException:系统找不到指定文件。如果你碰到这个错误,你会发现这个博客帖子有用:的http://blog.tylerdoerksen.com/2013/08/23/pfx-certificate-files-and-windows-azure-websites/
When I was using the web role I was just uploading the certificate in azure portal and I was able to see it .Now I have switched to the website in azure and I uploaded the certificate in the azure management portal but my code does not see it at all.
Is there some configurations we need to do or some other way to access uploaded certs in azure web sites.
This is how I am trying to access the uploaded cert .
private List<string> GetAvailableCertificatesFromStore()
{
var list = new List<string>();
var store = new X509Store(StoreName.My,StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly);
try
{
foreach (var cert in store.Certificates)
{
// todo: add friendly name
list.Add(string.Format("{0}", cert.Subject));
}
}
finally
{
store.Close();
}
return list;
}
UPDATE - July 23 2015: This answer is now obsolete (It was correct at the time it was provided though). Please see S Armstrong's answer below.
Things work differently in Azure Cloud Services (Web/Worker Roles) and Azure Websites. In Azure Cloud Services when you upload a certificate through management portal and specify that certificate's thumbprint and install location in your role's properties, when your role is deployed in a VM the fabric controller responsible for it also installs these certificates automatically for you. This is the reason the code above works in a web role.
In website, you would need to do this on your own. Unfortunately because of security restrictions in an Azure website, you just can't install a certificate in certificate store. To work with certificates, you would need to include the certificate's PFX file along with your code and work with that certificate file. You can't install the certificate in certificate store.
In whatever little work I have done with Azure Website and Certificates, I have found that the certificate only works if the PFX file is included in AppData folder. Also you may run into errors like CryptographicException: The system cannot find the file specified. If you run into this error, you may find this blog post useful: http://blog.tylerdoerksen.com/2013/08/23/pfx-certificate-files-and-windows-azure-websites/
这篇关于访问上传的证书在Azure网站的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
