IdentityServer3-X509Certificate2构造函数错误(“找不到请求的对象") [英] IdentityServer3 - X509Certificate2 Constructor Error ("Cannot find requested object")
问题描述
我正在尝试设置IdentityServer3,并且正在遵循并使用Pluralsight视频( https://app.pluralsight.com/library/courses/building-securing-restful-api-aspdotnet/table-of-contents 作为参考.我正要进行基本的IS3设置,并被困在".UseIdentityServer()"调用的"SigningCertificate"分配中.
I am trying to get IdentityServer3 setup and am following along and using a Pluralsight video (https://app.pluralsight.com/library/courses/building-securing-restful-api-aspdotnet/table-of-contents) as reference. I'm at the point of basic IS3 setup and am stuck at the "SigningCertificate" assignment for the ".UseIdentityServer()" call.
我在Internet上其他地方也看到过类似的代码.我的相关代码:
I've seen similar code elsewhere on the Internet. My relevant code:
public X509Certificate2 LoadCertificate()
{
var baseFolder = AppDomain.CurrentDomain.BaseDirectory;
string certificatePath = $"{baseFolder}Certificates\\idsrv3test.pfx";
//var certificateBytes = File.ReadAllBytes(certificatePath);
//return new X509Certificate2(certificateBytes, "idsrv3test", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.UserKeySet | X509KeyStorageFlags.UserProtected);
return new X509Certificate2(certificatePath, "idsrv3test", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet);
}
public void Configuration(IAppBuilder app)
{
app.Map("/identity", idSrvApp =>
{
idSrvApp.UseIdentityServer(new IdentityServerOptions
SiteName = "My Identity Server",
IssuerUri = Constants.IdServerIssuerUri,
Factory = new IdentityServerServiceFactory()
.UseInMemoryUsers(Users.Get())
.UseInMemoryClients(Clients.Get())
.UseInMemoryScopes(Scopes.Get()),
SigningCertificate = LoadCertificate()
});
});
}
它在return new X509Certificate2()行上爆炸.如您所见,我都尝试读取测试证书(从IS3的Github页面下载: https://github.com/IdentityServer/IdentityServer3.Samples/tree/master/source/Certificates )从路径以及字节数组中获取.我还尝试了每个X509KeyStorageFlags枚举值.两者都给出此错误:
It is blowing up on the return new X509Certificate2() line. As you can see, I've tried both reading the test certificate (downloaded from IS3's Github page: https://github.com/IdentityServer/IdentityServer3.Samples/tree/master/source/Certificates) in from a path as well as from a byte array. I've also tried every one of the X509KeyStorageFlags enum values. Both give this error:
[CryptographicException:找不到请求的对象. ]
System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)+36
System.Security.Cryptography.X509Certificates.X509Utils._QueryCertFileType(String fileName)+0
System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromFile(字符串 fileName,对象密码,X509KeyStorageFlags keyStorageFlags)+100
System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(字符串 fileName,字符串密码,X509KeyStorageFlags keyStorageFlags)+110
MySecurityService.Startup.LoadCertificate()在 D:\ Documents \ Projects \ Test \ MySecurityService \ MySecurityService \ Startup.cs:43 UpcarsSecurityService.Startup.b__0_0(IAppBuilder idSrvApp) D:\ Documents \ Projects \ Test \ MySecurityService \ MySecurityService \ Startup.cs:22 Owin.MapExtensions.Map(IAppBuilder应用,PathString pathMatch,Action`1 配置)+178 Owin.MapExtensions.Map(IAppBuilder应用,字符串 pathMatch,Action1配置)+108
UpcarsSecurityService.Startup.Configuration(IAppBuilder app)在 D:\ Documents \ Projects \ Test \ MySecurityService \ MySecurityService \ Startup.cs:20
[CryptographicException: Cannot find the requested object. ]
System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr) +36
System.Security.Cryptography.X509Certificates.X509Utils._QueryCertFileType(String fileName) +0
System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromFile(String fileName, Object password, X509KeyStorageFlags keyStorageFlags) +100
System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags) +110
MySecurityService.Startup.LoadCertificate() in D:\Documents\Projects\Test\MySecurityService\MySecurityService\Startup.cs:43 UpcarsSecurityService.Startup.b__0_0(IAppBuilder idSrvApp) in D:\Documents\Projects\Test\MySecurityService\MySecurityService\Startup.cs:22 Owin.MapExtensions.Map(IAppBuilder app, PathString pathMatch, Action`1 configuration) +178 Owin.MapExtensions.Map(IAppBuilder app, String pathMatch, Action1 configuration) +108
UpcarsSecurityService.Startup.Configuration(IAppBuilder app) in D:\Documents\Projects\Test\MySecurityService\MySecurityService\Startup.cs:20
该解决方案具有一个证书"目录,并且存在.pfx文件.在Visual Studio中,我已将文件上的复制到输出目录"属性设置为始终复制".
The solution has a "Certificates" directory and the .pfx file is there. In Visual Studio, I have set the "Copy to Output Directory" property on the file to "Copy always."
我已经花了几个小时了,真的不知道该怎么办.为了完全清楚起见,我现在只是通过Visual Studio调试(IIS Express)在本地计算机上运行此代码.我计划在完成和部署后将其托管在IIS(与网站一起)中.我正在Windows 10上运行.
I've spent several hours on this and really am not sure what to do. Just to be completely clear, I am just running this on my local machine through Visual Studio Debug (IIS Express) at this point. I am planning on it being hosted within IIS (alongside a website) when it is done and deployed. I am running on Windows 10.
非常感谢您的帮助;我在这里很迷路,对IS3完全陌生.
Thank you so much for any help; I'm pretty lost here and am totally new to IS3.
推荐答案
噢,为了f.我使用的.pfx文件为40 KB.就像我说的那样,它最初是从IS3 Github网站下载的.
Oh for f's sake. The .pfx file I was using was 40 KB. As I said, this was originally downloaded from the IS3 Github site.
但是,当我单击Github上的"idsrv3test.pfx"链接时,我才注意到它的大小为3.32 KB.所以我单击了右边的下载"按钮,果然是在磁盘上,它的大小为4 KB.
However, I just noticed when I clicked the "idsrv3test.pfx" link on Github that said it was 3.32 KB. So I clicked the "Download" button to the right and sure enough, on disk it was 4 KB.
我用新下载的证书替换了证书,瞧!有用.我不敢相信我在这个愚蠢的问题上浪费了很多时间.好吧...实际上,我可以相信.典型的.
I replaced the certificate with the newly downloaded one and voila! It works. I can't believe I wasted so much time on this asinine problem. Well... actually, I can believe it. Typical.
这篇关于IdentityServer3-X509Certificate2构造函数错误(“找不到请求的对象")的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
