gpt4 book ai didi

c# - Azure 网站中的站点无法处理 X509Certificate2

转载 作者:IT王子 更新时间:2023-10-29 04:05:37 24 4
gpt4 key购买 nike

我在 Azure 网站(不是托管服务)中有一个站点,我需要在那里使用私钥处理 .pfx 证书。

var x509Certificate2 = new X509Certificate2(certificate, password);

但是我遇到了以下异常:

System.Security.Cryptography.CryptographicException: The system cannot find the file specified.

at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
at System.Security.Cryptography.X509Certificates.X509Utils._LoadCertFromBlob(Byte[] rawData, IntPtr password, UInt32 dwFlags, Boolean persistKeySet, SafeCertContextHandle& pCertCtx)
at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromBlob(Byte[] rawData, Object password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(Byte[] rawData, String password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(Byte[] rawData, String password, X509KeyStorageFlags keyStorageFlags)

文章中http://blog.tylerdoerksen.com/2013/08/23/pfx-certificate-files-and-windows-azure-websites/我发现发生这种情况是因为默认情况下系统使用用户的本地目录来存储 key 。但Azure网站没有本地用户配置文件目录。在同一篇文章中,作者建议使用 X509KeyStorageFlags.MachineKeySet 标志。

var x509Certificate2 = new X509Certificate2(certificate, password, X509KeyStorageFlags.MachineKeySet);

但现在我有其他异常(exception):

System.Security.Cryptography.CryptographicException: Access denied.

at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
at System.Security.Cryptography.X509Certificates.X509Utils._LoadCertFromBlob(Byte[] rawData, IntPtr password, UInt32 dwFlags, Boolean persistKeySet, SafeCertContextHandle& pCertCtx)
at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromBlob(Byte[] rawData, Object password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(Byte[] rawData, String password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(Byte[] rawData, String password, X509KeyStorageFlags keyStorageFlags)

有人可以帮助我理解为什么会发生这种情况以及如何解决它吗?

最佳答案

我猜你找到了解决方法,但如果其他人正在为此苦苦挣扎,我在另一个问题中找到了答案:

How can constructing an X509Certificate2 from a PKCS#12 byte array throw CryptographicException("The system cannot find the file specified.")?

神奇之处在于指定 X509KeyStorageFlags 存储标志。示例:

var myCertificae = new X509Certificate2(
certificateData,
securePasswordString,
X509KeyStorageFlags.MachineKeySet |
X509KeyStorageFlags.PersistKeySet |
X509KeyStorageFlags.Exportable);

关于c# - Azure 网站中的站点无法处理 X509Certificate2,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/18959418/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com