Sah*_*Lee 4 certificate azure azure-keyvault
我有一个webjob从azure密钥保险库服务中获取证书,并且在本地我没有从kv访问/获取此证书的问题。但是,当部署此webjob时,出现此错误:
System.Security.Cryptography.CryptographicException: The system cannot find the file specified.
at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
at System.Security.Cryptography.X509Certificates.X509Utils._LoadCertFromBlob(Byte[] rawData, IntPtr password, UInt32 dwFlags, Boolean persistKeySet, SafeCertContextHandle& pCertCtx)
at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromBlob(Byte[] rawData, Object password, X509KeyStorageFlags keyStorageFlags)
at Microsoft.Ambassadors.Infrastructure.KeyVaultService.<GetCertificateAsync>d__7.MoveNext() in C:\Source\Repos\Xbox.Ambassadors\Microsoft.Ambassadors.Azure\Microsoft.Ambassadors.Infrastructure\KeyVaultService.cs:line 0
我已经使用AAD注册了该应用程序(托管此Webjob的位置),并且该应用程序具有对kv空间的只读访问权限。我发现了一些与此相关的帖子(我认为..?):
“发生了内部错误。” 使用X509Certificate2加载pfx文件时
但是我不确定这是否可以解决我的问题...?如果有人可以提供帮助,那真是太好了!感谢:D
除了要部署到Azure Web应用程序外,我遇到了同样的问题。我通过添加来修复它X509KeyStorageFlags。
SecretBundle secretBundle = await keyVaultClient.GetSecretAsync(_keyVaultOptions.IdentitySigningCredentialUri);
_signingCredential = new X509Certificate2(Convert.FromBase64String(secretBundle.Value), string.Empty, X509KeyStorageFlags.MachineKeySet | X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable);
| 归档时间: |
|
| 查看次数: |
637 次 |
| 最近记录: |