问题描述
我使用的是谷歌Analytics(分析)API和我跟着这太问题成立的OAuth:
I'm using the Google Analytics API and I followed this SO question to set up the OAuth: http://stackoverflow.com/a/13013265/1299363
下面是我的OAuth代码:
Here is my OAuth code:
public void SetupOAuth ()
{
var Cert = new X509Certificate2(
PrivateKeyPath,
"notasecret",
X509KeyStorageFlags.Exportable);
var Provider = new AssertionFlowClient(GoogleAuthenticationServer.Description, Cert)
{
ServiceAccountId = ServiceAccountUser,
Scope = ApiUrl + "analytics.readonly"
};
var Auth = new OAuth2Authenticator<AssertionFlowClient>(Provider, AssertionFlowClient.GetState);
Service = new AnalyticsService(Auth);
}
PrivateKeyPath是由谷歌API控制台中提供的私钥文件的路径。这工作完全在我的本地机器上,但是当我推到我们的测试服务器,我得到
PrivateKeyPath is the path of the private key file provided by Google API Console. This works perfectly on my local machine, but when I push it up to our test server I get
System.Security.Cryptography.CryptographicException: An internal error occurred.
与下面的堆栈跟踪(不相干的部分去掉):
with the following stack trace (irrelevant parts removed):
System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr) +33
System.Security.Cryptography.X509Certificates.X509Utils._LoadCertFromFile(String fileName, IntPtr password, UInt32 dwFlags, Boolean persistKeySet, SafeCertContextHandle& pCertCtx) +0
System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromFile(String fileName, Object password, X509KeyStorageFlags keyStorageFlags) +237
System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags) +140
Metrics.APIs.GoogleAnalytics.SetupOAuth() in <removed>\Metrics\APIs\GoogleAnalytics.cs:36
Metrics.APIs.GoogleAnalytics..ctor(String PrivateKeyPath) in <removed>\Metrics\APIs\GoogleAnalytics.cs:31
所以看起来好像是有问题的加载文件。我检查了传入的PrivateKeyPath,它是指向正确的位置。
So it appears as if it is having trouble loading the file. I've checked the PrivateKeyPath that is passed in and it is pointing to the correct location.
任何想法?我不知道这是否与服务器,文件,代码或什么的问题。
Any ideas? I don't know if this is an issue with the server, the file, the code or what.
推荐答案
一个事物浮现在我的脑海里是你的应用程序池的身份,确保加载用户配置文件被打开,否则加密susbsystem不起作用。
One of things that comes to my mind is the identity of your app pool, make sure that the Load user profile is turned on otherwise the crypto susbsystem does not work.
这篇关于X509证书不加载服务器私钥文件的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!