问题描述
我用我的应用程序蔚蓝服务管理REST API。我上传的蔚蓝管理证书,并在当地有一个副本。
我把认证的应用程序本身就是一个单独的文件夹(AzureCertificate)并参考该位置。
例如:
I'm using azure service management REST API in my application. I uploaded the management certificate on azure and have a copy in local.I keep the certification in a separate folder (AzureCertificate) in the application itself and referring to that location.e.g:
字符串certificatePath =使用Server.Mappath(〜/ AzureCertificate /)+
certificateName;
X509Certificate2证书=新X509Certificate2(certificatePath);
X509Certificate2 certificate = new X509Certificate2(certificatePath);
AzureCertificate - 文件夹名称certificateName -
MyCertificatieName.cer
AzureCertificate -- Folder name certificateName - MyCertificatieName.cer
当我运行该应用程序我的本地开发环境,它工作正常。但我发现了下面的错误,当我部署蔚蓝的网站是一样的。
it works fine when I run the application my local development environment. But I'm getting the below error when I deploy the same in azure website.
远程服务器返回错误:(403)禁止
这是怎么发出请求
字符串URI = apiURL + subscriptionId +/服务/ hostedservices;
HttpWebRequest的REQ =(HttpWebRequest的)HttpWebRequest.Create(URI);
HttpWebRequest req = (HttpWebRequest)HttpWebRequest.Create(uri);
X509Certificate2证书=新X509Certificate2(certificatePath);
X509Certificate2 certificate = new X509Certificate2(certificatePath);
req.ClientCertificates.Add(证书);
req.ClientCertificates.Add(certificate);
req.Headers.Add(X-MS-版本,2009-10-01); HttpWebResponse RES =
req.Headers.Add("x-ms-version", "2009-10-01"); HttpWebResponse res =
(HttpWebResponse)req.GetResponse();
(HttpWebResponse)req.GetResponse();
但最后一行抛出上面说的异常(req.GetResponse())。
But it throws the above said exception at the last line (req.GetResponse()).
我们能否使用管理证书,以这种方式?
Can we use the management certificate in this way?.
我的要求是开发一种采用蔚蓝色的REST API的应用程序,并在蔚蓝的部署。
My requirement is to develop an application which uses the azure REST API and deploy in azure.
推荐答案
我还发现,创建证书正好与管理API使用正确的方法是很重要的 - 我得到的403错误,直到我用这个脚本创建证书:
I have also found that creating the certificate exactly the right way for use with the Management API is very important - I was getting 403 errors until I used this script for creating the certificate:
makecert -r -pe -a sha1 -n "CN=Windows Azure Authentication Certificate" -ss my -len 2048 -sp "Microsoft Enhanced RSA and AES Cryptographic Provider" -sy 24 ManagementApiCert.cer
我在这里:http://blogs.msdn.com/b/davidhardin/archive/2013/08/27/azure-management-certificate-public-key-private-key.aspx这是一对夫妇岁,但为我工作,当其他较新的我试过了没有。
I got that here: http://blogs.msdn.com/b/davidhardin/archive/2013/08/27/azure-management-certificate-public-key-private-key.aspx which is a couple of years old but worked for me when other newer ones I tried did not.
此外,还要确保您上传下管理证书的证书在门户网站设置,它不是一个SSL或远程访问证书。
Also, make sure you upload the certificate under Management Certificates in Settings in the portal, it is not an SSL or remote access certificate.
这篇关于天青REST API使用管理证书的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!