[英]WCF & Azure: Replace Self-Sign Certificate with a Real Certificate
I've a WCF that runs in Azure as a Cloud Service (with out SSL). 我有一个在Azure中作为云服务运行的WCF(不带SSL)。
I have implemented on the same project SSL, locally. 我已经在本地的同一项目SSL上实现了。 (with self-sign certificate) (附自签名证书)
After I experimented locally and saw that everything works well, I purchased real certificate on Go Daddy, now I need to figure out a couple of points: 当我在本地进行实验并看到一切正常之后,我在Go Daddy上购买了真实的证书, 现在我需要弄清楚几点:
I saw a couple of articles that shows how to set the configuration of a role in order to publish the WCF to Cloud Service with HTTPS. 我看到了几篇文章,展示了如何设置角色的配置,以便使用HTTPS将WCF发布到Cloud Service。 In those articles they adding the certificate by choosing from the certificates that installed on the computer and then associated the certificate to the HTTPS endpoint. 在这些文章中,他们通过从计算机上安装的证书中进行选择来添加证书,然后将该证书与HTTPS端点关联。
Thank you. 谢谢。
Go to your .CSDEF and add these 3 tags (change accordingly): 转到您的.CSDEF并添加以下3个标记(相应更改):
<WebRole name="CertificateTesting" vmsize="Small">
...
<Certificates>
<Certificate name="SampleCertificate" storeLocation="LocalMachine" storeName="CA" />
</Certificates>
...
<Endpoints>
<InputEndpoint name="HttpsIn" protocol="https" port="443" certificate="SampleCertificates" />
</Endpoints>
...
<Sites>
<Site name="Web">
<Bindings>
<Binding name="HttpsIn" endpointName="HttpsIn" />
</Bindings>
</Site>
</Sites>
...
</WebRole>
Next, open your .CSCFG and add: 接下来,打开您的.CSCFG并添加:
<Role name="Deployment">
...
<Certificates>
<Certificate name="SampleCertificate" thumbprint="9427befa18ec6865a9ebdc79d4c38de50e6316ff" thumbprintAlgorithm="sha1" />
</Certificates>
...
</Role>
Replace thumbprint and thumbprintAlgorithm with the one of your certificate. 用您的证书之一替换thumbprint和thumbprintAlgorithm 。
Finally use Azure portal to upload the deployment package and the certificate or add it to the certificates tab. 最后,使用Azure门户上载部署程序包和证书,或将其添加到“证书”选项卡。 You have to export the certificate with the private key in order to work. 您必须使用私钥导出证书才能工作。
More details on this link: http://azure.microsoft.com/en-us/documentation/articles/cloud-services-configure-ssl-certificate/ 有关此链接的更多详细信息: http : //azure.microsoft.com/zh-cn/documentation/articles/cloud-services-configure-ssl-certificate/
Answering you last question: As you've upload the certificate with the package, auto scale will use this package to provision the new servers. 回答您的最后一个问题:在将证书与软件包一起上传时,自动扩展将使用此软件包来配置新服务器。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.