Azure .NET核心数据保护密钥不会自动续订
去年夏天,我转而使用blob存储和KeyVault来存储和加密我的简单.NET核心web应用程序的数据保护密钥。我这样做是为了在我将部署环境从登台切换到生产环境后,用户不必重新登录 我用下一页作为指南 这是我的启动配置Azure .NET核心数据保护密钥不会自动续订,azure,azure-keyvault,data-protection,asp.net-core-5.0,Azure,Azure Keyvault,Data Protection,Asp.net Core 5.0,去年夏天,我转而使用blob存储和KeyVault来存储和加密我的简单.NET核心web应用程序的数据保护密钥。我这样做是为了在我将部署环境从登台切换到生产环境后,用户不必重新登录 我用下一页作为指南 这是我的启动配置 services.AddDataProtection() .PersistKeysToAzureBlobStorage(new Uri($"{dpSettings.BlobUrl}{dpSettings.SasToken}"))
services.AddDataProtection()
.PersistKeysToAzureBlobStorage(new Uri($"{dpSettings.BlobUrl}{dpSettings.SasToken}"))
.ProtectKeysWithAzureKeyVault(new Uri(dpSettings.KeyVaultUrl), new DefaultAzureCredential());
<PackageReference Include="Azure.Extensions.AspNetCore.DataProtection.Keys" Version="1.0.2" />
<PackageReference Include="Azure.Identity" Version="1.3.0" />
<PackageReference Include="BuildBundlerMinifier" Version="3.2.449" />
<PackageReference Include="EPPlus" Version="4.5.3.2" />
<PackageReference Include="HtmlSanitizer" Version="5.0.376" />
<PackageReference Include="Microsoft.ApplicationInsights.AspNetCore" Version="2.17.0" />
<PackageReference Include="Microsoft.ApplicationInsights.PerfCounterCollector" Version="2.17.0" />
<PackageReference Include="Microsoft.AspNetCore.DataProtection.AzureStorage" Version="3.1.13" />
<PackageReference Include="Microsoft.AspNetCore.Identity.EntityFrameworkCore" Version="5.0.4" />
<PackageReference Include="Microsoft.AspNetCore.Mvc.Razor.RuntimeCompilation" Version="5.0.4" />
<PackageReference Include="Microsoft.EntityFrameworkCore.Design" Version="5.0.4">
<PrivateAssets>all</PrivateAssets>
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
</PackageReference>
<PackageReference Include="Microsoft.EntityFrameworkCore.SqlServer" Version="5.0.4" />
<PackageReference Include="Microsoft.EntityFrameworkCore.Tools" Version="5.0.4">
<PrivateAssets>all</PrivateAssets>
<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
</PackageReference>
<PackageReference Include="Microsoft.Extensions.Logging.Debug" Version="5.0.0" />
<PackageReference Include="Microsoft.VisualStudio.Web.CodeGeneration.Design" Version="5.0.2" PrivateAssets="All" />
<PackageReference Include="Postmark" Version="4.5.0" />
<PackageReference Include="Stripe.net" Version="35.17.0" />
<PackageReference Include="TimeZoneConverter" Version="3.4.0" />
经过一些故障排除,我发现blob存储中的keys.xml文件的过期日期为今天。我的理解是,随着到期日期的临近,应该创建一个新密钥。为了解决这个问题,我只需删除keys.xml文件,然后应用程序就会创建一个新文件。我想我可以自动化这个,但我很确定我不应该这么做。非常感谢您的帮助。您生成blob Sas令牌的时间是多长?Sas令牌的过期时间设置为2100。您可以发布您的启动吗?还请添加您正在使用的PackageReference?您好,我已经添加了我的引用,启动文件的相关部分已经包含在内。我不确定我能否在这里共享完整的文件。有什么特别的东西我应该找吗?
Message: An error occurred while trying to encrypt the provided data. Refer to the inner exception for more information.
Stacktrace:
at Microsoft.AspNetCore.DataProtection.KeyManagement.KeyRingBasedDataProtector.Protect(Byte[] plaintext)
at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgeryTokenSerializer.Serialize(AntiforgeryToken token)
at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery.Serialize(IAntiforgeryFeature antiforgeryFeature)
at Microsoft.AspNetCore.Antiforgery.DefaultAntiforgery.GetAndStoreTokens(HttpContext httpContext)
at...