CngKey.Import on azure

陌路散爱 提交于 2021-02-18 21:07:18

问题


var rawData = Convert.FromBase64String(_signingKey);
var cng = CngKey.Import(rawData, CngKeyBlobFormat.Pkcs8PrivateBlob);

I use this code to extract key, from embedded base64 string. It works fine when I test it locally but when I publish on azure I get following exception:

WindowsCryptographicException: The system cannot find the file specified

(once again I'm not reading from any file) I need this to communicate with apple apns for push notifications, is there any workaround? And this happens only on free service plan, if I switch to basic plan it's working.


回答1:


I ran into the same error after publishing an existing application to Azure. In my case the problem was solved after I set WEBSITE_LOAD_USER_PROFILE = 1 in App Services / App Name / Application Settings.




回答2:


It seems that it causes by there is no certificate attached in your Azure Mobile App. If it is that case, we need to upload the "Development" or "Distribution" SSL certificate to the WebApp. More info about how to send push notifications to iOS App, please refer to the azure document.




回答3:


I've had a similar error trying to construct a X509Certificate2 from a byte array - worked fine locally but once I deploy to Azure Web App, I got the same and VERY misleading file not found exception.

The real issue turned out to be that there was no user store associated with the web service account. You can also get a similar error if there are permission-related errors with accessing the certificate store on Windows.

In any case - In my scenario I fixed the problem by using MachineKeySet: new X509Certificate2(certRawBytes, default(string), X509KeyStorageFlags.MachineKeySet);

So, in your scenario, try something like:

var keyParams = new CngKeyCreationParameters
{
  KeyCreationOptions = CngKeyCreationOptions.MachineKey,
};
CngKey.Create(CngAlgorithm.Rsa, keyName, keyParams);

Note: You may have to set a few parameters to get the above working. The Import method doesn't seem to support MachineKey - but you should be able to achieve similar outcome by using the Create method.




回答4:


To add to @strohmsn's answer, you can also set the App Service settings with this value directly within Visual Studio on the Publish page for web apps: Right click on web app and select Publish, then select App Service Settings, and you can add setting properties there: WEBSITE_LOAD_USER_PROFILE = 1 in this case. See screenshot:



来源:https://stackoverflow.com/questions/41165275/cngkey-import-on-azure

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!