[英]Why does .Pfx exist in my Certificates Collection but not my .Cer?
I have uploaded a couple of SSL cerificates to Azure. 我已将几个SSL证书上传到Azure。 One is a.cer and one is a .pfx. 一个是a.cer,一个是.pfx。 I followed the advice in this Azure Blog . 我遵循了此Azure博客中的建议。 I uploaded using the management portal. 我使用管理门户上传。
I have the 'WEBSITE_LOAD_CERTIFICATE' in my App Setting section and have the two correct thumbprints comma separated. 我的“应用设置”部分中有“ WEBSITE_LOAD_CERTIFICATE”,并且将两个正确的指纹逗号分开。
When I remotely debug my Azure Web Job, I can see that only the .pfx is in the certStore.Certificates collection. 远程调试Azure Web作业时,可以看到certStore.Certificates集合中只有.pfx。
Can I access my .cer in this way? 我可以通过这种方式访问我的.cer吗?
pfx is a secure container which has both your Private and Public keys, while .cer is just the public Key. pfx是一个安全容器,其中包含您的私钥和公钥,而.cer只是公钥。 The public is needed only by the clients to verify integrity of the signature / decrypt content. 仅客户端需要公众来验证签名/解密内容的完整性。 While your job will need the private key to sign/encrypt the data. 虽然您的工作将需要私钥来签名/加密数据。
Both public and private keys can be extracted from the PFX using X509Certificate2 class from .NET. 可以使用.NET中的X509Certificate2类从PFX中提取公钥和私钥。 It has a property PublicKey . 它具有属性PublicKey 。
Why you uploaded .cer at first place ? 为什么您首先上传.cer? You do not need it for SSL with Web Apps. Web应用程序的SSL不需要它。
PS Azure Key Vault may the solution you are looking for. PS Azure Key Vault可能是您正在寻找的解决方案。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.