问题
Tried the basic location retriever code (shown below)
String uri = "https://management.core.windows.net/";
String subscriptionId = "XXXXXXXX-5fad-XXXXXX-9dfa-XXXXXX";
String keyStoreLocation = "D:\\test.jks";
String keyStorePassword = "123456";
Configuration config = ManagementConfiguration.configure(
new URI(uri),
subscriptionId,
keyStoreLocation, // the file path to the JKS
keyStorePassword, // the password for the JKS
KeyStoreType.jks // flags that I'm using a JKS keystore
);
ManagementClient client = ManagementService.create(config);
// get the list of regions
LocationsListResponse response = client.getLocationsOperations().list();
ArrayList<Location> locations = response.getLocations();
// write them out
for( int i=0; i<locations.size(); i++){
System.out.println(locations.get(i).getDisplayName());
}
and It works fine. But when I try to create the ComputeManagementClient and try to restart a VM
ComputeManagementClient computeManagementClient = ComputeManagementService.create(config);
VirtualMachineOperations virtualMachinesOperations= computeManagementClient.getVirtualMachinesOperations();
virtualMachinesOperations.restart("SQLVM", "sqlvm.cloudapp.net");
I'm getting the certificate error.
Exception in thread "main" java.util.concurrent.ExecutionException: com.microsoft.windowsazure.exception.ServiceException: ForbiddenError: The server failed to authenticate the request. Verify that the certificate is valid and is associated with this subscription.
at java.util.concurrent.FutureTask.report(FutureTask.java:122)
at java.util.concurrent.FutureTask.get(FutureTask.java:188)
at com.microsoft.azure.management.compute.VirtualMachineOperationsImpl.restart(VirtualMachineOperationsImpl.java:9973)
at com.microsoft.azure.compute.RestartVMExample.main(RestartVMExample.java:84)
PS: I created a the .cer from Java Keystore and uploaded into Azure with no issues.
Any clues what is happening?
回答1:
The issue is caused by using the incorrect Azure Java SDK libraries. When I used the maven dependencies in the file pom.xml below, I reproduced the same exception.
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure-mgmt-compute</artifactId>
<version>0.8.3</version>
</dependency>
The library supply the VM restart function need two arguments: resource group name
and vm name
. But the API of library azure-mgmt-compute
is used for Azure Resource Management.
To restart VM, you need to use the API of library azure-svc-mgmt-compute
for Azure Service Management if you used JKS certificates. The Class VirtualMachineOperations
supply the same name function restart
need three arguments: service name
, deployment name
and vm name
. You can find these names from Cloud Service dashboard on Azure Portal. In your issue code, the vm name
should be "sqlvm".
The right maven pom.xml for dependencies as below:
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure-svc-mgmt</artifactId>
<version>0.8.3</version>
</dependency>
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure-svc-mgmt-compute</artifactId>
<version>0.8.3</version>
</dependency>
And the code as below
virtualMachinesOperations.restart("<service name: sqlvm>", "<deployment name: sqlvm>", "<vm name: sqlvm>");
The steps below for genkeypair by using Java Keytool in the path JAVA_HOME/bin:
keytool -genkeypair -alias keyfile -keyalg RSA -keystore <KeyStore.jks>
-keysize 2048 -storepass "<password>"
keytool -v -export -file <KeyStore.cer> -keystore KeyStore.jks -alias keyfile
My code:
String uri = "https://management.core.windows.net/";
String subscriptionId = "<subscription_id>";
String keyStoreLocation = "KeyStore.jks";
String keyStorePassword = "<password>";
Configuration config = ManagementConfiguration.configure(
new URI(uri),
subscriptionId,
keyStoreLocation, // the file path to the JKS
keyStorePassword, // the password for the JKS
KeyStoreType.jks // flags that I'm using a JKS keystore
);
ComputeManagementClient computeManagementClient = ComputeManagementService.create(config);
VirtualMachineOperations virtualMachinesOperations = computeManagementClient.getVirtualMachinesOperations();
virtualMachinesOperations.restart("petercore", "petercore", "petercore");
来源:https://stackoverflow.com/questions/33082328/azure-java-sdk-serviceexception-forbiddenerror