问题
I am running into a similar issue that is described here. This is a .NET Core 3.1 App running as a Azure WebJob in Azure App Service. Based on the discussion in the above link, I assume this is an issue with file counts in a directory, I am having trouble figuring out which directory is getting full. The environments page on the Kudu portal shows this, basically doesn't seem to be a overall disk space issue-
D:\home usage: 57,344 MB total; 56,795 MB free
d:\local usage: 11,264 MB total; 10,683 MB free
I also did look at the paths mentioned in the above link without much success. Is there a way to figure out which is the offending path, before I try the code fix suggested in the related issue?
[08/02/2020 09:20:53 > 4708f0: INFO] Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: There is not enough space on the disk.
[08/02/2020 09:20:53 > 4708f0: INFO] at Internal.Cryptography.Pal.CertificatePal.FilterPFXStore(Byte[] rawData, SafePasswordHandle password, PfxCertStoreFlags pfxCertStoreFlags)
[08/02/2020 09:20:53 > 4708f0: INFO] at Internal.Cryptography.Pal.CertificatePal.FromBlobOrFile(Byte[] rawData, String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
[08/02/2020 09:20:53 > 4708f0: INFO] at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(Byte[] rawData, String password, X509KeyStorageFlags keyStorageFlags)
[08/02/2020 09:20:53 > 4708f0: INFO] at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(Byte[] rawData, String password)
回答1:
Unless a PFX is loaded with X509KeyStorageFlags.EphemeralKeySet, the private key material is written to disk. The particular place depends on the information in the PFX, but the directories used in 99.99% of all PFX loads are documented at https://docs.microsoft.com/en-us/windows/win32/seccng/key-storage-and-retrieval#key-directories-and-files.
(In the 0.01% case, the PFX contents say to load the key into some other storage provider which uses some other location.)
Or, unless you're doing one of the few things that require named keys, specify EphemeralKeySet when loading the PFX.
来源:https://stackoverflow.com/questions/63274366/x509certificate2-constructor-throwing-internal-cryptography-cryptothrowhelperwi