C# Loading an X509 certificate: error in Azure, can't reproduce locally


I have code that loads an X509 certificate along with its password from the appsettings.json file (a base64-encoded pfx file), as shown below:

    public static X509Certificate2 LoadSsoCertificate(IConfiguration config)
    {
        //this should be a self-signed PFX certificate with the private key included.
        var certificateText = config["SSO:x509Certificate"];
        //this should be the password to open/ read the certificate.
        var certificatePassword = config["SSO:SecretKeyPassphrase"];

        var certificateBytes = Convert.FromBase64String(certificateText);
        var cert = new X509Certificate2(certificateBytes, certificatePassword);
        return cert;
    }

This works fine when testing locally, but when I deploy to an Azure App Service I get a confusing exception:

Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: The specified network password is not correct
   at Internal.Cryptography.Pal.CertificatePal.FilterPFXStore(Byte[] rawData, SafePasswordHandle password, PfxCertStoreFlags pfxCertStoreFlags)
   at Internal.Cryptography.Pal.CertificatePal.FromBlobOrFile(Byte[] rawData, String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
   at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(Byte[] rawData, String password, X509KeyStorageFlags keyStorageFlags)
   at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(Byte[] rawData, String password)
   at MyCompany.AuthenticationServices.Core.Configuration.SingleSignOn.LoadSsoCertificate(IConfiguration config) in d:\a\1\s\MyCompany.AuthenticationServices.Core\Configuration\SingleSignOn.cs:line 43
   at MyCompany.AuthenticationServices.Core.Configuration.ConfigureMultiTenantSaml2Options.Configure(Saml2Options options) in d:\a\1\s\MyCompany.AuthenticationServices.Core\Configuration\ConfigureMultiTenantSaml2Options.cs:line 51
   at MyCompany.AuthenticationServices.Core.Configuration.ConfigureMultiTenantSaml2Options.Configure(String name, Saml2Options options) in d:\a\1\s\MyCompany.AuthenticationServices.Core\Configuration\ConfigureMultiTenantSaml2Options.cs:line 78
   at Microsoft.Extensions.Options.OptionsFactory`1.Create(String name)
   at Sustainsys.Saml2.AspNetCore2.Saml2Handler.<>c__DisplayClass6_0.<InitializeAsync>b__0()
   at System.Lazy`1.ViaFactory(LazyThreadSafetyMode mode)
--- End of stack trace from previous location where exception was thrown ---
   at System.Lazy`1.CreateValue()
   at Microsoft.Extensions.Options.OptionsCache`1.GetOrAdd(String name, Func`1 createOptions)
   at Sustainsys.Saml2.AspNetCore2.Saml2Handler.InitializeAsync(AuthenticationScheme scheme, HttpContext context)
   at Microsoft.AspNetCore.Authentication.AuthenticationHandlerProvider.GetHandlerAsync(HttpContext context, String authenticationScheme)
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at MyCompany.SoaToolkit.LoggingContext.AspNetCore.Middleware.Configuration.<>c.<<UseLoggingContextRequests>b__0_0>d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at Microsoft.AspNetCore.Server.IISIntegration.IISMiddleware.Invoke(HttpContext httpContext)
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication`1 application)
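
It says the specified "network" password is not correct, but it is the same password that works locally, so I can't imagine the problem is actually the password, and it shouldn't be trying to use the "network" either. Can anyone explain what the problem is here and suggest how to get this relatively simple code working?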

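Update

Following @Crypt32's comment, I created a new certificate directly in Azure and saved it as a PFX to my local desktop, then Base64-encoded it and embedded it in my appsettings file. Again, this works fine locally, but when I deploy to Azure I get a similar but equally cryptic exception: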

Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: The system cannot find the file specified
   at Internal.Cryptography.Pal.StorePal.FromBlobOrFile(Byte[] rawData, String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
   at System.Security.Cryptography.X509Certificates.X509Certificate2Collection.Import(Byte[] rawData, String password, X509KeyStorageFlags keyStorageFlags)
   at MyCompany.AuthenticationServices.Core.Configuration.SingleSignOn.LoadSsoCertificate(IConfiguration config) in D:\a\1\s\MyCompany.AuthenticationServices.Core\Configuration\SingleSignOn.cs:line 40
   at MyCompany.AuthenticationServices.Core.Configuration.ConfigureMultiTenantSaml2Options.Configure(Saml2Options options) in D:\a\1\s\MyCompany.AuthenticationServices.Core\Configuration\ConfigureMultiTenantSaml2Options.cs:line 51
   at MyCompany.AuthenticationServices.Core.Configuration.ConfigureMultiTenantSaml2Options.Configure(String name, Saml2Options options) in D:\a\1\s\MyCompany.AuthenticationServices.Core\Configuration\ConfigureMultiTenantSaml2Options.cs:line 78
   at Microsoft.Extensions.Options.OptionsFactory`1.Create(String name)
   at Sustainsys.Saml2.AspNetCore2.Saml2Handler.<>c__DisplayClass6_0.<InitializeAsync>b__0()
   at System.Lazy`1.ViaFactory(LazyThreadSafetyMode mode)
--- End of stack trace from previous location where exception was thrown ---
   at System.Lazy`1.CreateValue()
   at Microsoft.Extensions.Options.OptionsCache`1.GetOrAdd(String name, Func`1 createOptions)
   at Sustainsys.Saml2.AspNetCore2.Saml2Handler.InitializeAsync(AuthenticationScheme scheme, HttpContext context)
   at Microsoft.AspNetCore.Authentication.AuthenticationHandlerProvider.GetHandlerAsync(HttpContext context, String authenticationScheme)
   at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
   at MyCompany.SoaToolkit.LoggingContext.AspNetCore.Middleware.Configuration.<>c.<<UseLoggingContextRequests>b__0_0>d.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at Microsoft.AspNetCore.Server.IISIntegration.IISMiddleware.Invoke(HttpContext httpContext)
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication`1 application)

OK, @Crypt32 put me on the right track, but it wasn't obvious.

1) This problem had nothing to do with the password. It was because I did a s