Azure Web应用程序:System.Security.Cryptography.CryptographyException:密钥集不存在
我的应用程序在创建X509Certificate2期间遇到“System.Security.Cryptography.CryptographyException:密钥集不存在”异常 从Azure密钥库读取证书的函数:Azure Web应用程序:System.Security.Cryptography.CryptographyException:密钥集不存在,azure,azure-web-app-service,x509certificate2,Azure,Azure Web App Service,X509certificate2,我的应用程序在创建X509Certificate2期间遇到“System.Security.Cryptography.CryptographyException:密钥集不存在”异常 从Azure密钥库读取证书的函数: private string GetEncryptSecret(string certConfigName) { var kv = new KeyVaultClient(GetToken); var sec = kv.GetSecretAs
private string GetEncryptSecret(string certConfigName)
{
var kv = new KeyVaultClient(GetToken);
var sec = kv.GetSecretAsync(WebConfigurationManager.AppSettings[certConfigName]).Result;
return sec.Value;
}
public X509Certificate2 GetCertificate(CertificatesEnum certificate)
{
switch (certificate)
{
case CertificatesEnum.Accounts:
return new X509Certificate2(
Convert.FromBase64String(GetEncryptSecret(Constants.Magda.Certificates.Accounts)),
string.Empty, X509KeyStorageFlags.MachineKeySet);
}
}
public X509Certificate2 GetCertificate(CertificatesEnum certificate)
{
switch (certificate)
{
case CertificatesEnum.Accounts:
var accountCertRawData = Convert.FromBase64String(GetEncryptSecret(Constants.Magda.Certificates.Accounts));
X509Certificate2 accountCert = null;
for (int i = 0; i < 20; i++)
{
try
{
accountCert= new X509Certificate2(accountCertRawData , string.Empty,
X509KeyStorageFlags.MachineKeySet);
//set variable to test exception
var accountCert = accountCert.PrivateKey;
break;
}
catch (System.Security.Cryptography.CryptographicException)
{
Thread.Sleep(1000 * i);
}
}
return accountCert;
}
}
public X509Certificate2 GetCertificate(CertificatesEnum certificate)
{
switch (certificate)
{
case CertificatesEnum.Accounts:
var accountCertRawData = Convert.FromBase64String(GetEncryptSecret(Constants.Magda.Certificates.Accounts));
X509Certificate2 accountCert = null;
for (int i = 0; i < 20; i++)
{
try
{
accountCert= new X509Certificate2(accountCertRawData , string.Empty,
X509KeyStorageFlags.MachineKeySet);
//set variable to test exception
var accountCert = accountCert.PrivateKey;
break;
}
catch (System.Security.Cryptography.CryptographicException)
{
Thread.Sleep(1000 * i);
}
}
return accountCert;
}
}
public X509Certificate2 GetCertificate(CertificatesEnum certificate)
{
交换机(证书)
{
案例证书数量账户:
var accountCertRawData=Convert.FromBase64String(GetEncryptSecret(Constants.Magda.Certificates.Accounts));
X509Certificate2 accountCert=null;
对于(int i=0;i<20;i++)
{
尝试
{
accountCert=new X509Certificate2(accountCertRawData,string.Empty,
X509keystrageFlags.MachineKeySet);
//将变量设置为测试异常
var accountCert=accountCert.PrivateKey;
打破
}
catch(系统、安全、加密、加密异常)
{
睡眠(1000*i);
}
}
返回帐户证书;
}
}
是否有人对此有合适的解决方案,并且可以解释Azure Web应用程序后台发生的情况?尝试从Web应用程序中删除网站\u加载\u用户\u配置文件应用程序设置(如果可用) 在Azure WebApp中,要为我解决的问题是调用
GetPrivateKey()Keyset的“某些时间”问题不存在MachineKeySetX509Certificate2的构造函数中的存储标志参数new X509Certificate2(certContent, "", X509KeyStorageFlags.PersistKeySet | X509KeyStorageFlags.Exportable)
事实上,它能自己解决这个问题是令人困惑的。如果您使用了ondernemingCert.GetRSAPrivateKey(),它应该可以正常工作(但几乎肯定不会返回
RSACryptServiceProvider临时补丁了@SanderLesage@Xatep