经与Azure的虚拟机和REST API的问题 [英] Having problems with Azure virtual machines and REST api

问题描述

我试着启动Azure的VM编程方式（使用管理证书）。错误401未经授权：我试着何时处理HTTP请求收到此错误。 （那不是当证书错误出现错误）。尝试了其他请求相同的订阅（名单托管服务） - 去好了，好像这个问题似乎只有当IM试着与虚拟机的工作。不知道我是不是做错了什么。这里的code：

 静态无效的主要（字串[] args）
    {
        证书=新X509Certificate2（Convert.FromBase64String（base64Cer））;        串uriFormat = \"https://management.azure.com/subscriptions/{my_sub_id}/resourceGroups/{my_resourse_group}/providers/Microsoft.ClassicCompute/virtualMachines/{my_machine_name}/start?api-version={0}\";        开放的我们的uri =新的URI（的String.Format（uriFormat，版本））;        的XDocument responseBody;
        HttpWebResponse响应= InvokeRequest（URI，POST，出responseBody）;        的HTTPStatus code状态code =状态code = response.Status code;
        Console.WriteLine（操作的状态：{0} \\ n \\ n，状态code.ToString（））;
        Console.WriteLine（responseBody.ToString（SaveOptions.OmitDuplicateNamespaces））;
        Console.Write（preSS任意键继续：）;
        Console.ReadKey（）;
    }    私有静态HttpWebResponse InvokeRequest（URI URI，字符串的方法，出的XDocument responseBody）
    {
        HttpWebRequest的要求=（HttpWebRequest的）HttpWebRequest.Create（URI）;
        request.Method =方法;
        request.Headers.Add（X-MS-版，版）;
        request.ClientCertificates.Add（证书）;
        request.ContentType =应用/ JSON;
        request.ContentLength = 0;        responseBody = NULL;
        HttpWebResponse响应;
        尝试
        {
            响应=（HttpWebResponse）request.GetResponse（）;
        }
        赶上（引发WebException前）
        {
            响应=（HttpWebResponse）ex.Response;
        }
        XmlReaderSettings设置=新XmlReaderSettings（）;
        settings.DtdProcessing = DtdProcessing.Ignore;
        如果（response.ContentLength大于0）
        {
            使用（读者的XmlReader = XmlReader.Create（response.GetResponseStream（）设置））
            {
                尝试
                {
                    responseBody = XDocument.Load（读卡器）;
                }
                抓住
                {
                    responseBody = NULL;
                }
            }
        }
        response.Close（）;
        返回响应;
    }
 

解决方案

你得到这个错误的原因是因为你想认证/授权的 Azure的资源管理器（ARM）与X509证书API请求。 ARM API的授权要求 Azure的AD基于授权令牌。请参阅此链接验证/授权的ARM API请求： https：//开头msdn.microsoft.com/en-us/library/azure/dn790557.aspx 。

X509基于证书的认证/授权仅适用于传统服务管理API请求。

Im trying to start Azure VM programmatically (using management certificate). Im getting this error when trying to process http request: error 401 Unauthorized. (thats not an error that appears when certificate is wrong). Tried other request to the same subscription(list hosted services) - went ok, seems like the problem appears only when im tryin to work with virtual machines. Have no idea what am i doing wrong. Here's the code:

 static void Main(string[] args)
    {
        Certificate = new X509Certificate2(Convert.FromBase64String(base64Cer));

        string uriFormat = "https://management.azure.com/subscriptions/{my_sub_id}/resourceGroups/{my_resourse_group}/providers/Microsoft.ClassicCompute/virtualMachines/{my_machine_name}/start?api-version={0}";

        Uri uri = new Uri(string.Format(uriFormat, Version));

        XDocument responseBody;
        HttpWebResponse response = InvokeRequest(uri, "POST", out responseBody);

        HttpStatusCode statusCode = statusCode = response.StatusCode;
        Console.WriteLine("The status of the operation: {0}\n\n", statusCode.ToString());
        Console.WriteLine(responseBody.ToString(SaveOptions.OmitDuplicateNamespaces));


        Console.Write("Press any key to continue:");
        Console.ReadKey();
    }

    private static HttpWebResponse InvokeRequest( Uri uri, string method, out XDocument responseBody)
    {
        HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(uri);
        request.Method = method;
        request.Headers.Add("x-ms-version", Version);
        request.ClientCertificates.Add(Certificate);
        request.ContentType = "application/json";
        request.ContentLength = 0;

        responseBody = null;
        HttpWebResponse response;
        try
        {
            response = (HttpWebResponse)request.GetResponse();
        }
        catch (WebException ex)
        {
            response = (HttpWebResponse)ex.Response;
        }
        XmlReaderSettings settings = new XmlReaderSettings();
        settings.DtdProcessing = DtdProcessing.Ignore;
        if (response.ContentLength > 0)
        {
            using (XmlReader reader = XmlReader.Create(response.GetResponseStream(), settings))
            {
                try
                {
                    responseBody = XDocument.Load(reader);
                }
                catch
                {
                    responseBody = null;
                }
            }
        }
        response.Close();
        return response;
    }

解决方案

The reason you're getting this error is because you're trying to authenticate/authorize an Azure Resource Manager (ARM) API request with an X509 Certificate. Authorization of ARM API requires Azure AD based authorization token. Please see this link for authenticating/authorizing an ARM API request: https://msdn.microsoft.com/en-us/library/azure/dn790557.aspx.

X509 Certificate based authentication/authorization works only for Classic Service Management API requests.

这篇关于经与Azure的虚拟机和REST API的问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！