Warning: file_get_contents(/data/phpspider/zhask/data//catemap/0/azure/11.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Azure WorkerRole:证书密钥在指定状态下无效_Azure - Fatal编程技术网
Fatal编程技术网
  • azure/
  • Azure WorkerRole:证书密钥在指定状态下无效

Azure WorkerRole:证书密钥在指定状态下无效

azure

Azure WorkerRole:证书密钥在指定状态下无效,azure,Azure,System.Security.Cryptography.CryptographyException:密钥对无效 在指定状态下使用 在 系统。安全。加密。加密异常。ThrowCryptographicException(Int32 hr)在System.Security.Cryptography.Utils.\u导出密钥(SafeKeyHandle hKey,Int32 blobType,对象(对象)位于 System.Security.Cryptography.RSACryptoService

System.Security.Cryptography.CryptographyException:密钥对无效 在指定状态下使用

在 系统。安全。加密。加密异常。ThrowCryptographicException(Int32 hr)在System.Security.Cryptography.Utils.\u导出密钥(SafeKeyHandle hKey,Int32 blobType,对象(对象)位于 System.Security.Cryptography.RSACryptoServiceProvider.ExportParameters(布尔值) 包括专用参数)在 System.Security.Cryptography.RSA.ToXmlString(布尔值) 包括专用参数)

现在,我相信会发生这种情况,因为当Azure将证书添加到我的WorkerRole部署时,它不会安装带有“将此密钥标记为可导出”选项的证书

我需要向我的workerrole中添加一个证书才能解密加密设置

任何人对我如何使Azure将证书私钥标记为可导出有任何想法。或者这可能是另一个问题

启动:

    try{

        var conn = System.Text.UTF8Encoding.UTF8.GetString(Decrypt(Convert.FromBase64String(setting), true, cert));

    }catch(Exception ex)
    {
        Trace.TraceError(ex.ToString());

    }
方法:

        public static X509Certificate2 LoadCertificate(StoreName storeName,
   StoreLocation storeLocation, string tprint)
        {
            X509Store store = new X509Store(storeName, storeLocation);

            try
            {
                store.Open(OpenFlags.ReadOnly);

                X509Certificate2Collection certificateCollection =
                     store.Certificates.Find(X509FindType.FindByThumbprint,
                                            tprint, false);

                if (certificateCollection.Count > 0)
                {
                    //  We ignore if there is more than one matching cert, 
                    //  we just return the first one.
                    return certificateCollection[0];
                }
                else
                {
                    throw new ArgumentException("Certificate not found");
                }
            }
            finally
            {
                store.Close();
            }
        }
    public static byte[] Decrypt(byte[] encryptedData, bool fOAEP,
                           X509Certificate2 certificate)
    {
        if (encryptedData == null)
        {
            throw new ArgumentNullException("encryptedData");
        }
        if (certificate == null)
        {
            throw new ArgumentNullException("certificate");
        }

        using (RSACryptoServiceProvider provider = new RSACryptoServiceProvider())
        {
            // Note that we use the private key to decrypt
            provider.FromXmlString(GetXmlKeyPair(certificate));

            return provider.Decrypt(encryptedData, fOAEP);
        }
    }
    public static string GetXmlKeyPair(X509Certificate2 certificate)
    {
        if (certificate == null)
        {
            throw new ArgumentNullException("certificate");
        }

        if (!certificate.HasPrivateKey)
        {
            throw new ArgumentException("certificate does not have a private key");
        }
        else
        {
            return certificate.PrivateKey.ToXmlString(true);
        }
    }
我找到了解决办法

我的另一个问题在这里给出了答案: