
Adding an Azure Key Vault certificate to an Azure Batch account via the .NET library

胡子哥哥 2022-01-09 10:02:53
I need to automate the creation of an Azure Batch account. Part of that is adding a certificate to the account from an existing Azure Key Vault. I think I have all the pieces I need, but I can't put them all together; I have a KeyVault.Models.CertificateBundle object and a Management.Batch.Models.BatchAccount object, but I'm not sure how to get one into the other. My code looks like this:

// Create Batch account
var storageAccount = new Models.AutoStorageBaseProperties(storageAccountId);
mgmtClient.BatchAccount.Create(resourceGroupName, accountName,
    new Models.BatchAccountCreateParameters()
    {
        Location = clusterZone,
        AutoStorage = storageAccount
    });

string certName;
Models.CertificateCreateOrUpdateParameters certParams;

// Add certificate
using (KeyVaultClient kvClient = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(GetKeyVaultToken)))
{
    var cert = kvClient.GetCertificateAsync(certId).GetAwaiter().GetResult();
    string thumbprint = Convert.ToBase64String(cert.X509Thumbprint);
    string cer = Convert.ToBase64String(cert.Cer);
    certParams = new Models.CertificateCreateOrUpdateParameters(Convert.ToBase64String(cert.Cer), cert.Id, thumbprint: thumbprint, format: Models.CertificateFormat.Cer, type: cert.ContentType);
    certName = $"SHA1-{thumbprint}"; // not sure about this one
}

// failing with a complaint about the cert name
mgmtClient.Certificate.Create(resourceGroupName, accountName, certName, certParams);

The exact error I get with this code is:

'certificateName' does not match expected pattern '^[\\w]+-[\\w]+$'.

certName looks like SHA1-XXXXXXXXXXXXXXXXXXXXXX+XXXX=. There are some non-alphanumeric characters in the thumbprint. I'm only guessing that it's SHA1, but other than that the name looks fine to me. I'm not sure what I'm missing. I'd also be happy to accept someone's simpler solution to this particular problem.

1 Answer

慕斯709654


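'certificateName' does not match expected pattern '^[\w]+-[\w]+$'.

You can debug the code and check the thumbprint in Azure Key Vault. In your code, the thumbprint you get from the code is different from the certificate thumbprint. I used the following code to get the certificate thumbprint.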


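// cert is the CertificateBundle returned by Key Vault; cert.Cer holds the DER-encoded certificate
X509Certificate2 x509 = new X509Certificate2(cert.Cer);
// Thumbprint is the hexadecimal string form of the certificate hash
var thumbprint = x509.Thumbprint;

Below is the demo code I used to add the certificate to the Azure Batch account.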


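// Namespaces are an assumption: the *Inner model types suggest the Fluent management packages
using System;
using System.Security.Cryptography.X509Certificates;
using Microsoft.Azure.KeyVault;
using Microsoft.Azure.Management.Batch.Fluent;
using Microsoft.Azure.Management.Batch.Fluent.Models;
using Microsoft.Azure.Management.ResourceManager.Fluent;
using Microsoft.Azure.Services.AppAuthentication;

var credentials = SdkContext.AzureCredentialsFactory.FromFile(@"cred file path");
var resourceGroup = "resourceGroup";
var accountName = "batchAccountName";
var subscriptionId = "subscriptionName";
var certificateIdentifier = "https://keyvaultName.vault.azure.net/certificates/certName/xxxxx";

var batchManagementClient = new BatchManagementClient(credentials)
{
    SubscriptionId = subscriptionId
};

// Key Vault client authenticated through AzureServiceTokenProvider
var azureServiceTokenProvider = new AzureServiceTokenProvider();
var keyVaultClient =
    new KeyVaultClient(
        new KeyVaultClient.AuthenticationCallback(azureServiceTokenProvider.KeyVaultTokenCallback));

// Fetch the certificate and read its thumbprint as a hexadecimal string
var cert = keyVaultClient.GetCertificateAsync(certificateIdentifier).Result;
X509Certificate2 x509 = new X509Certificate2(cert.Cer);
var thumbprint = x509.Thumbprint;
var certContent = Convert.ToBase64String(cert.Cer);

// The name is "<algorithm>-<thumbprint>", which satisfies ^[\w]+-[\w]+$
var certName = $"SHA1-{thumbprint}";

var result = batchManagementClient.Certificate.CreateAsync(resourceGroup, accountName, certName, new CertificateCreateOrUpdateParametersInner
{
    Thumbprint = thumbprint,
    Data = certContent,
    ThumbprintAlgorithm = "SHA1",
    Format = CertificateFormat.Cer,
}).Result;

Test result: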

//img1.sycdn.imooc.com//61da42b00001092b08620364.jpg

2022-01-09
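Why the Base64 name in the question is rejected while the hexadecimal one in the answer is accepted, as an added example (not code from the question or the answer): a 20-byte SHA-1 thumbprint always Base64-encodes to 28 characters ending in `=`, which `\w` cannot match. `BatchCertName` and its methods are hypothetical helper names, and the thumbprint is computed over constructed placeholder bytes instead of a real certificate.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Text.RegularExpressions;

// Hypothetical helper, not part of any Azure SDK.
static class BatchCertName
{
    // Pattern quoted in the error message on this page.
    static readonly Regex NamePattern = new Regex(@"^[\w]+-[\w]+$");

    // Uppercase hex without separators, the same form X509Certificate2.Thumbprint returns.
    public static string ToHex(byte[] thumbprint) =>
        BitConverter.ToString(thumbprint).Replace("-", "");

    public static bool IsValid(string name) => NamePattern.IsMatch(name);

    // Builds "<algorithm>-<hex thumbprint>" and fails locally instead of at the service.
    public static string Build(string algorithm, byte[] thumbprint)
    {
        string name = $"{algorithm}-{ToHex(thumbprint)}";
        if (!IsValid(name))
            throw new ArgumentException($"'{name}' does not match {NamePattern}");
        return name;
    }

    static void Main()
    {
        // Constructed sample: placeholder bytes stand in for cert.Cer.
        byte[] fakeDer = Encoding.ASCII.GetBytes("constructed sample, not a real certificate");
        byte[] thumb;
        using (var sha1 = SHA1.Create()) { thumb = sha1.ComputeHash(fakeDer); }

        // What the question does: Base64 of the raw thumbprint bytes.
        string base64Name = $"SHA1-{Convert.ToBase64String(thumb)}";
        // What the answer does: hexadecimal thumbprint.
        string hexName = Build("SHA1", thumb);

        Console.WriteLine($"{base64Name} valid: {IsValid(base64Name)}");
        Console.WriteLine($"{hexName} valid: {IsValid(hexName)}");
    }
}
```

With a real CertificateBundle, the raw bytes in cert.X509Thumbprint (assumed here to be the SHA-1 thumbprint, as the 28-character Base64 value in the question suggests) can be passed to `Build` directly.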