经与Azure的虚拟机和REST API的问题 [英] Having problems with Azure virtual machines and REST api
问题描述
我试着启动Azure的VM编程方式(使用管理证书)。错误401未经授权:我试着何时处理HTTP请求收到此错误。 (那不是当证书错误出现错误)。尝试了其他请求相同的订阅(名单托管服务) - 去好了,好像这个问题似乎只有当IM试着与虚拟机的工作。不知道我是不是做错了什么。这里的code:
静态无效的主要(字串[] args)
{
证书=新X509Certificate2(Convert.FromBase64String(base64Cer)); 串uriFormat = \"https://management.azure.com/subscriptions/{my_sub_id}/resourceGroups/{my_resourse_group}/providers/Microsoft.ClassicCompute/virtualMachines/{my_machine_name}/start?api-version={0}\"; 开放的我们的uri =新的URI(的String.Format(uriFormat,版本)); 的XDocument responseBody;
HttpWebResponse响应= InvokeRequest(URI,POST,出responseBody); 的HTTPStatus code状态code =状态code = response.Status code;
Console.WriteLine(操作的状态:{0} \\ n \\ n,状态code.ToString());
Console.WriteLine(responseBody.ToString(SaveOptions.OmitDuplicateNamespaces));
Console.Write(preSS任意键继续:);
Console.ReadKey();
} 私有静态HttpWebResponse InvokeRequest(URI URI,字符串的方法,出的XDocument responseBody)
{
HttpWebRequest的要求=(HttpWebRequest的)HttpWebRequest.Create(URI);
request.Method =方法;
request.Headers.Add(X-MS-版,版);
request.ClientCertificates.Add(证书);
request.ContentType =应用/ JSON;
request.ContentLength = 0; responseBody = NULL;
HttpWebResponse响应;
尝试
{
响应=(HttpWebResponse)request.GetResponse();
}
赶上(引发WebException前)
{
响应=(HttpWebResponse)ex.Response;
}
XmlReaderSettings设置=新XmlReaderSettings();
settings.DtdProcessing = DtdProcessing.Ignore;
如果(response.ContentLength大于0)
{
使用(读者的XmlReader = XmlReader.Create(response.GetResponseStream()设置))
{
尝试
{
responseBody = XDocument.Load(读卡器);
}
抓住
{
responseBody = NULL;
}
}
}
response.Close();
返回响应;
}
你得到这个错误的原因是因为你想认证/授权的 Azure的资源管理器(ARM)
与X509证书API请求。 ARM API的授权要求 Azure的AD基于授权令牌
。请参阅此链接验证/授权的ARM API请求: https://开头msdn.microsoft.com/en-us/library/azure/dn790557.aspx 。
X509基于证书的认证/授权仅适用于传统服务管理API请求。
Im trying to start Azure VM programmatically (using management certificate). Im getting this error when trying to process http request: error 401 Unauthorized. (thats not an error that appears when certificate is wrong). Tried other request to the same subscription(list hosted services) - went ok, seems like the problem appears only when im tryin to work with virtual machines. Have no idea what am i doing wrong. Here's the code:
static void Main(string[] args)
{
Certificate = new X509Certificate2(Convert.FromBase64String(base64Cer));
string uriFormat = "https://management.azure.com/subscriptions/{my_sub_id}/resourceGroups/{my_resourse_group}/providers/Microsoft.ClassicCompute/virtualMachines/{my_machine_name}/start?api-version={0}";
Uri uri = new Uri(string.Format(uriFormat, Version));
XDocument responseBody;
HttpWebResponse response = InvokeRequest(uri, "POST", out responseBody);
HttpStatusCode statusCode = statusCode = response.StatusCode;
Console.WriteLine("The status of the operation: {0}\n\n", statusCode.ToString());
Console.WriteLine(responseBody.ToString(SaveOptions.OmitDuplicateNamespaces));
Console.Write("Press any key to continue:");
Console.ReadKey();
}
private static HttpWebResponse InvokeRequest( Uri uri, string method, out XDocument responseBody)
{
HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(uri);
request.Method = method;
request.Headers.Add("x-ms-version", Version);
request.ClientCertificates.Add(Certificate);
request.ContentType = "application/json";
request.ContentLength = 0;
responseBody = null;
HttpWebResponse response;
try
{
response = (HttpWebResponse)request.GetResponse();
}
catch (WebException ex)
{
response = (HttpWebResponse)ex.Response;
}
XmlReaderSettings settings = new XmlReaderSettings();
settings.DtdProcessing = DtdProcessing.Ignore;
if (response.ContentLength > 0)
{
using (XmlReader reader = XmlReader.Create(response.GetResponseStream(), settings))
{
try
{
responseBody = XDocument.Load(reader);
}
catch
{
responseBody = null;
}
}
}
response.Close();
return response;
}
The reason you're getting this error is because you're trying to authenticate/authorize an Azure Resource Manager (ARM)
API request with an X509 Certificate. Authorization of ARM API requires Azure AD based authorization token
. Please see this link for authenticating/authorizing an ARM API request: https://msdn.microsoft.com/en-us/library/azure/dn790557.aspx.
X509 Certificate based authentication/authorization works only for Classic Service Management API requests.
这篇关于经与Azure的虚拟机和REST API的问题的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!