502错误在谷歌为Azure的API网站P12证书生成X509Certificate2时 [英] 502 error when generating X509Certificate2 from p12 certificate in Azure Websites for Google API
问题描述
我用<一个href=\"https://zavitax.word$p$pss.com/2012/12/17/logging-in-with-google-service-account-in-c-jwt/\">This GoogleJsonWebToken 类来生成一个访问令牌与JSON调用的谷歌日历API一起使用。它工作在IIS防爆preSS完全没有我的开发机器上,当我用下面的(用我的实际服务帐户的电子邮件):
I'm using This GoogleJsonWebToken class to generate an access token to be used with json calls to the Google Calendar API. It works perfectly fine in IIS Express on my dev machine when I use the following (using my actual service account email):
string p12Path = HttpContext.Current.Server.MapPath("~/App_Data/certificate.p12");
var auth = GoogleJsonWebToken.GetAccessToken("uniquestring@developer.gserviceaccount.com",
p12Path,
"https://www.googleapis.com/auth/calendar");
string Token = auth["access_token"];
要测试这个我打电话 @Token 在我CSHTML的Razor视图。当我出版这对我的Azure网站这是行不通的。如果我离开 GoogleJsonWebToken 类未修改我得到一个非常无益的 502 - 网页,同时作为网关或代理服务器服务器收到了无效响应,没有其他信息。
To test this I'm just calling @Token in my cshtml razor view. When I publish this to my Azure website it doesn't work. If i leave the GoogleJsonWebToken class unmodified I get a very unhelpful 502 - Web server received an invalid response while acting as a gateway or proxy server. with no other information.
一些谷歌搜索后,我发现<一个href=\"http://stackoverflow.com/questions/25858398/502-invalid-response-when-calling-google-api-from-azure-website\">this SO帖子这是一个类似的问题。所以,我想他们的解决方案,我得到 System.Security.Cryptography.CryptographicException:系统找不到指定文件时,表示是从我的Azure网站上运行。当它从我的开发机器上运行,我得到 System.Net.WebException:远程服务器返回错误:(400)错误的请求我认为这是因为该解决方案在 CspKeyContainerInfo.KeyContainerName 是空而当我的dev的机器上运行未经修改的原班给了我像 {C0E26DC5-5D2C-4C77-8E40-79560F519588} 这是每次随机生成的,该值在签署签名的过程中使用。
After some Google searches I found this SO post which is a similar problem. So I tried their solution I get System.Security.Cryptography.CryptographicException: The system cannot find the file specified. when that is run from my Azure Website. When it is run from my dev machine I get System.Net.WebException: The remote server returned an error: (400) Bad Request. which I think is because with that solution the CspKeyContainerInfo.KeyContainerName is null whereas the original unmodified class when run on my dev machine gives me something like {C0E26DC5-5D2C-4C77-8E40-79560F519588} which is randomly generated each time and this value is used in the process of signing the signature.
然后我发现<一个href=\"http://stackoverflow.com/questions/25874317/x509certificate2-failing-in-azure-webjobs-calling-google-api\">this SO张贴但这种解决办法,得到相同的结果作为最后的溶液
I then found this SO post but that solution yielded the same results as the last solution.
我也尝试最 X509KeyStorageFlags 的不同组合都无济于事。
I have also tried most of the different combinations of X509KeyStorageFlags to no avail.
我无论怎样才能生成 CspKeyContainerInfo.KeyContainerName 本人或以其他方式成功生成 X509Certificate2 ?
How can I either generate the CspKeyContainerInfo.KeyContainerName myself or otherwise successfully generate the X509Certificate2?
推荐答案
我发现<一个解决方案href=\"https://social.msdn.microsoft.com/Forums/vstudio/en-US/7ea48fd0-8d6b-43ed-b272-1a0249ae490f/systemsecuritycryptographycryptographicexception-the-system-cannot-find-the-file-specified?forum=clr\">this MSDN论坛帖子。基本上我需要设置 X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet 我在第一次读到SO后我提到的,然后我需要标志= CspProviderFlags.UseMachineKeyStore 在我的CspParamaters。
I found the solution on this MSDN forum post. Basically I needed to set X509KeyStorageFlags.Exportable | X509KeyStorageFlags.MachineKeySet as I read in the first SO post I mentioned and then I needed Flags = CspProviderFlags.UseMachineKeyStore in my CspParamaters.
我已经发布在GitHub上我完整的解决方案。
I have posted my full solution on GitHub
这篇关于502错误在谷歌为Azure的API网站P12证书生成X509Certificate2时的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
