gpt4 book ai didi

azure - 将证书从 Key Vault 添加到 Azure VM

转载 作者:行者123 更新时间:2023-12-03 01:40:42 28 4
gpt4 key购买 nike

我正在使用此链接上的步骤将应用服务证书配置到 Azure 虚拟机 - https://blogs.msdn.microsoft.com/appserviceteam/2017/10/26/configure-app-service-certificate-to-azure-virtual-machine/

我已完成步骤 1 到步骤 6。尝试将证书从 key 保管库添加到虚拟机时遇到困难。我使用了链接中的步骤:https://learn.microsoft.com/en-us/azure/virtual-machines/windows/tutorial-secure-web-server

我在 Azure 门户的 Cloud shell 上使用了以下脚本。

$certUrl = (Get-AzureKeyVaultSecret -VaultName "xxxKeyVault" -Name "xxxcert").Id;

$vm=Get-AzureRmVM -ResourceGroupName "xxx_Group" -Name "XXX"

$vaultId=(Get-AzureRmKeyVault -VaultName "xxxKeyVault").ResourceId

$certStore = "MyCert";

$vm = Add-AzureRmVMSecret -VM $vm -SourceVaultId $vaultId -CertificateStore $certStore -CertificateUrl $certURL

Update-AzureRmVM -ResourceGroupName "xxx_Group" -VM $vm>

但是到达最后一个脚本时,我收到错误

Update-AzureRmVM : List vaultCertificates contains repeated instances of (https://xxxkeyvault.vault.azure.net/secrets/xxxxxx/xxxxxx, mycert), which is disallowed. ErrorCode: InvalidParameter ErrorMessage: List vaultCertificates contains repeated instances of (https://xxxkeyvault.vault.azure.net/secrets/xxxxxx/xxxxxx, mycert), which is disallowed. ErrorTarget: vaultCertificates StatusCode: 400 ReasonPhrase: Bad Request OperationID : 51078b39-72a0-4a6f-be02-e0fff12dff8b At line:1 char:1 + Update-AzureRmVM -ResourceGroupName "xxxx_Group" -VM $vm + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : CloseError: (:) [Update-AzVM], ComputeCloudException + FullyQualifiedErrorId : Microsoft.Azure.Commands.Compute.UpdateAzureVMCommand

我错过了什么吗?我的虚拟机有一个窗口。

更新我已经验证我在虚拟机上拥有多个相同的证书。请问我到底要删除哪一个?

"secrets": [
{
"sourceVault": {
"id": "/subscriptions/xxxx/resourceGroups/xxxx/providers/Microsoft.KeyVault/vaults/xxxKeyVault"
},
"vaultCertificates": [
{
"certificateUrl": "https://xxxkeyvault.vault.azure.net/secrets/xxxx/xxxx",
"certificateStore": "My"
},
{
"certificateUrl": "https://xxxxkeyvault.vault.azure.net/secrets/xxxxx/xxxxx",
"certificateStore": "My"
},
{
"certificateUrl": "https://xxxxkeyvault.vault.azure.net/secrets/xxxxxx/xxxxxxx",
"certificateStore": "My"
},
{
"certificateUrl": "https://xxxxkeyvault.vault.azure.net/secrets/xxxxxxx/xxxxxxxx",
"certificateStore": "MyCert"
}
]
},
{
"sourceVault": {},
"vaultCertificates": {}
}
],

最佳答案

你需要做的是:

  1. 打开 resources.azure.com
  2. 导航到您的虚拟机
  3. 点击编辑,从 osProfile 中删除证书,点击补丁
  4. 重新运行脚本

Azure 的问题 - 它不知道(或关心)您的虚拟机是否确实具有您尝试安装的证书,它提示的是虚拟机定义已经具有该证书,因此无法添加它。

关于azure - 将证书从 Key Vault 添加到 Azure VM,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/53937580/

28 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com