使用Azure Web应用程序(ASP.NET MVC 5)在.NET中创建自签名证书(Create a Self-Signed Certificate in .NET, using an Azure Web Application (ASP.NET MVC 5))

10 IT屋

I have this Helper Method:

CngKeyCreationParameters keyParams = new CngKeyCreationParameters();
keyParams.KeyCreationOptions = CngKeyCreationOptions.None;
keyParams.KeyUsage = CngKeyUsages.Signing;
keyParams.Provider = CngProvider.MicrosoftSoftwareKeyStorageProvider;
keyParams.ExportPolicy = CngExportPolicies.AllowExport;
String newguid = Guid.NewGuid().ToString();
CngKey newKey = CngKey.Create(CngAlgorithm2.Rsa, keyParams);
...

When I debug (my local machine), everything is OK, but in the production environment, the last sentence CngKey newKey = CngKey.Create(CngAlgorithm2.Rsa, keyParams); throws the following exception: "The system cannot find the file specified."

The main idea is to create a Self-Signed certificate (x509) to store it and use it for signing PDF documents.

Update:

StackTrace (using: CngKeyCreationOptions.None):

[CryptographicException: The system cannot find the file specified.
]
   System.Security.Cryptography.NCryptNative.CreatePersistedKey(SafeNCryptProviderHandle provider, String algorithm, String name, CngKeyCreationOptions options) +2244958
   System.Security.Cryptography.CngKey.Create(CngAlgorithm algorithm, String keyName, CngKeyCreationParameters creationParameters) +248

StackTrace (using: CngKeyCreationOptions.MachineKey):

[CryptographicException: Access denied.
]
   System.Security.Cryptography.NCryptNative.FinalizeKey(SafeNCryptKeyHandle key) +2243810
   System.Security.Cryptography.CngKey.Create(CngAlgorithm algorithm, String keyName, CngKeyCreationParameters creationParameters) +266
解决方案

Like vcsjones guessed, Azure Web Apps does not load the user profile by default.

You can enable the user profile by setting the app setting WEBSITE_LOAD_USER_PROFILE = 1 for the site in the portal. That might fix your error

我有这个辅助方法:



  CngKeyCreationParameters keyParams = new CngKeyCreationParameters(); 
keyParams.KeyCreationOptions = CngKeyCreationOptions.None;
keyParams.KeyUsage = CngKeyUsages.Signing;
keyParams.Provider = CngProvider.MicrosoftSoftwareKeyStorageProvider;
keyParams.ExportPolicy = CngExportPolicies.AllowExport;
字符串newguid = Guid.NewGuid()。ToString();
CngKey newKey = CngKey.Create(CngAlgorithm2.Rsa,keyParams);
...


当我调试(我的本地计算机)时,一切正常,但是在生产环境中,最后一句 CngKey newKey = CngKey.Create(CngAlgorithm2.Rsa,keyParams); 引发以下异常:"系统找不到指定的文件。"



主要思想是创建一个自签名证书(x509)来存储该证书并将其用于签名PDF文档。



更新:



StackTrace(使用: CngKeyCreationOptions.None ):



  [CryptographicException:系统找不到指定的文件。 
]
System.Security.Cryptography.NCryptNative.CreatePersistedKey(SafeNCryptProviderHandle provider,String algorithm,String name,CngKeyCreationOptions options)+2244958
System.Security.Cryptography.CngKey.Create(CngAlgorithm算法,字符串keyName,CngKeyCreationParameters creationParameters)+248


StackTrace(使用: CngKeyCreationOptions.MachineKey ):



  [CryptographicException:访问被拒绝。 
]
System.Security.Cryptography.NCryptNative.FinalizeKey(SafeNCryptKeyHandle键)+2243810
System.Security.Cryptography.CngKey.Create(CngAlgorithm算法,字符串keyName,CngKeyCreationParameters creationParameters)+266

解决方案

就像vcsjones猜到的那样,Azure Web Apps不会加载用户



您可以通过为门户网站中的站点设置应用程序设置WEBSITE_LOAD_USER_PROFILE = 1来启用用户配置文件。这可能会解决您的错误


本文地址:IT屋 » 使用Azure Web应用程序(ASP.NET MVC 5)在.NET中创建自签名证书