c# - 在 WebService 中找不到 Windows Azure 管理证书

Question

我想使用 Windows Azure 管理 API 以编程方式扩展我的 Web 服务。首先，我尝试获得管理证书。

我使用 makecert.exe 创建了一个新的自签名证书。其描述here .

makecert -sky exchange -r -n "CN=<CertificateName>" -pe -a sha1 -len 2048 -ss My "<CertificateName>.cer"

然后我将证书上传到我的 Azure 订阅 ( this way )。 我确实在新的和以前的管理门户中看到了我上传的证书。

现在我添加以下内容 code到我的网络服务

private X509Certificate2 GetX509Certificate2()
    {

        // The thumbprint value of the management certificate.
        // You must replace the string with the thumbprint of a 
        // management certificate associated with your subscription.
        string certThumbprint = "mythumprint...";

        // Create a reference to the My certificate store.
        X509Store certStore = new X509Store(StoreName.My, StoreLocation.CurrentUser);

        // Try to open the store.
        try
        {
            certStore.Open(OpenFlags.ReadOnly);
        }
        catch (Exception e)
        {
            if (e is CryptographicException)
            {
                Console.WriteLine("Error: The store is unreadable.");
                debugTable.persist("Error: The store is unreadable.");
            }
            else if (e is SecurityException)
            {
                Console.WriteLine("Error: You don't have the required permission.");
                debugTable.persist("Error: You don't have the required permission.");
            }
            else if (e is ArgumentException)
            {
                Console.WriteLine("Error: Invalid values in the store.");
                debugTable.persist("Error: Invalid values in the store.");
            }
            else
            {
                debugTable.persist("Something got wrong with certificate");
                return null;
            }
        }

        // Find the certificate that matches the thumbprint.
        X509Certificate2Collection certCollection = certStore.Certificates.Find(X509FindType.FindByThumbprint, certThumbprint, false);
        certStore.Close();

        // Check to see if our certificate was added to the collection. If no, throw an error, if yes, create a certificate using it.
        if (0 == certCollection.Count)
        {
            Console.WriteLine("Error: No certificate found containing thumbprint " + certThumbprint);
            debugTable.persist("Error: No certificate found containing thumbprint " + certThumbprint);
            return null;
        }

        debugTable.persist("found cert");
        // Create an X509Certificate2 object using our matching certificate.
        X509Certificate2 certificate = certCollection[0];
        return certificate;
    }

debugtable.persists() 方法将调试消息写入表存储中。 最后我只在表格中找到这些条目:

"Error: No certificate found containing thumbprint " + certThumbprint

那么我的代码有什么问题吗？

Answer 1

您已在门户中上传了您的证书。这意味着该证书可用于对服务管理 API 进行身份验证。

现在，如果您想在 Web/辅助角色中托管的 WCF 服务/Web 服务中使用此证书，您还需要在云服务中上传该证书:

然后，您需要打开 Web/辅助角色的设置，并通过指定位置、存储名称和指纹在此处添加新证书:

如果您重新部署应用程序，证书将可用，并且您的 WCF 服务将能够使用它(如果该服务有足够的权限来访问它)。