将 AzureCredentialsFactory.FromServicePrincipal 与证书一起使用会引发 System.NullReferenceException
[英]Using AzureCredentialsFactory.FromServicePrincipal with a certificate throws System.NullReferenceException
原文
2018-12-13 17:43:00
7
2
c#/
azure/
azure-active-directory/
azure-resource-manager/
x509certificate2
问题描述
I created a console application using .NET framework 4.7.2 to connect to the Azure Resource Manager API using these nuget packages:
我使用 .NET 框架 4.7.2 创建了一个控制台应用程序,以使用这些 nuget 包连接到 Azure 资源管理器 API:
- Microsoft.Azure.Management.ResourceManager.Fluent: v1.18.0 | Microsoft.Azure.Management.ResourceManager.Fluent:v1.18.0 | download link 下载链接
- Microsoft.Azure.Management.Fluent: v1.18.0 | Microsoft.Azure.Management.Fluent: v1.18.0 | download link 下载链接
This is the code:这是代码:
using Microsoft.Azure.Management.Fluent;
using Microsoft.Azure.Management.ResourceManager.Fluent;
using Microsoft.Azure.Management.ResourceManager.Fluent.Authentication;
using System;
using System.Security.Cryptography.X509Certificates;
namespace AzResourceManager
{
class Program
{
static void Main(string[] args)
{
var clientId = "********-****-****-****-************";
var subscriptionId = "********-****-****-****-************";
var tenantId = "********-****-****-****-************";
var cert = GetCertificate("********************************");
var creds = new AzureCredentialsFactory().FromServicePrincipal(clientId, cert, tenantId, AzureEnvironment.AzureGlobalCloud);
var azure = Azure.Authenticate(creds).WithSubscription(subscriptionId);
foreach (var rGroup in azure.ResourceGroups.List())
{
Console.WriteLine(rGroup.Name);
}
}
private static X509Certificate2 GetCertificate(string thumbPrint)
{
var certStore = new X509Store(StoreName.My, StoreLocation.CurrentUser);
certStore.Open(OpenFlags.ReadOnly);
try
{
var certCollection = certStore.Certificates.Find(X509FindType.FindByThumbprint, thumbPrint, false);
if (certCollection.Count <= 0)
throw new InvalidOperationException("Unable to load certificate from store");
return certCollection[0];
}
finally
{
certStore.Close();
}
}
}
}
When the execution reaches this line当执行到这一行时
foreach (var rGroup in azure.ResourceGroups.List())
the application throws a System.NullReferenceException: 'Object reference not set to an instance of an object.'应用程序抛出System.NullReferenceException: 'Object reference not set to an instance of an object.'
I installed the certificate in the application registered in the Azure Active Directory and in my laptop.我在 Azure Active Directory 和我的笔记本电脑中注册的应用程序中安装了证书。 I tried updating some packages but the result is the same.我尝试更新一些软件包,但结果是一样的。 The only package I cannot update to its latest version is Microsoft.IdentityModel.Clients.ActiveDirectory (latest version: v4.4.1), I only can update it to version v3.19.8我唯一无法更新到最新版本的包是Microsoft.IdentityModel.Clients.ActiveDirectory (最新版本:v4.4.1),我只能将其更新到版本 v3.19.8
This is the stack trace for that exception:这是该异常的堆栈跟踪:
at Microsoft.Rest.Azure.Authentication.ClientAssertionCertificate.Sign(String message)\r\n
at Microsoft.IdentityModel.Clients.ActiveDirectory.JsonWebToken.Sign(IClientAssertionCertificate credential) in c:\\workspace\\azure-activedirectory-library-for-dotnet-v3-master-VS2017\\src\\ADAL.PCL\\ClientCreds\\JsonWebToken.cs:line 100\r\n
at Microsoft.IdentityModel.Clients.ActiveDirectory.ClientKey.AddToParameters(IDictionary`2 parameters) in c:\\workspace\\azure-activedirectory-library-for-dotnet-v3-master-VS2017\\src\\ADAL.PCL\\ClientCreds\\ClientKey.cs:line 127\r\n
at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenHandlerBase.<SendTokenRequestAsync>d__64.MoveNext() in c:\\workspace\\azure-activedirectory-library-for-dotnet-v3-master-VS2017\\src\\ADAL.PCL\\Flows\\AcquireTokenHandlerBase.cs:line 0\r\n
--- End of stack trace from previous location where exception was thrown ---\r\n
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n
at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task)\r\n
at Microsoft.IdentityModel.Clients.ActiveDirectory.AcquireTokenHandlerBase.<RunAsync>d__55.MoveNext() in c:\\workspace\\azure-activedirectory-library-for-dotnet-v3-master-VS2017\\src\\ADAL.PCL\\Flows\\AcquireTokenHandlerBase.cs:line 198\r\n
--- End of stack trace from previous location where exception was thrown ---\r\n
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n
at Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext.<AcquireTokenForClientCommonAsync>d__49.MoveNext() in c:\\workspace\\azure-activedirectory-library-for-dotnet-v3-master-VS2017\\src\\ADAL.PCL\\AuthenticationContext.cs:line 541\r\n
--- End of stack trace from previous location where exception was thrown ---\r\n
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n
at Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext.<AcquireTokenAsync>d__27.MoveNext() in c:\\workspace\\azure-activedirectory-library-for-dotnet-v3-master-VS2017\\src\\ADAL.PCL\\AuthenticationContext.cs:line 239\r\n
--- End of stack trace from previous location where exception was thrown ---\r\n
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n
at Microsoft.Rest.Azure.Authentication.CertificateAuthenticationProvider.<AuthenticateAsync>d__3.MoveNext()\r\n
--- End of stack trace from previous location where exception was thrown ---\r\n
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n
at Microsoft.Rest.Azure.Authentication.ApplicationTokenProvider.<LoginSilentAsync>d__33.MoveNext()\r\n
--- End of stack trace from previous location where exception was thrown ---\r\n
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n
at Microsoft.Rest.Azure.Authentication.ApplicationTokenProvider.<LoginSilentAsync>d__24.MoveNext()\r\n
--- End of stack trace from previous location where exception was thrown ---\r\n
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n
at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task)\r\n
at Microsoft.Azure.Management.ResourceManager.Fluent.Authentication.AzureCredentials.<ProcessHttpRequestAsync>d__24.MoveNext()\r\n
--- End of stack trace from previous location where exception was thrown ---\r\n
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n
at System.Runtime.CompilerServices.TaskAwaiter.ValidateEnd(Task task)\r\n at Microsoft.Azure.Management.ResourceManager.Fluent.ResourceGroupsOperations.<ListWithHttpMessagesAsync>d__11.MoveNext()\r\n
--- End of stack trace from previous location where exception was thrown ---\r\n
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n
at Microsoft.Azure.Management.ResourceManager.Fluent.ResourceGroupsOperationsExtensions.<ListAsync>d__6.MoveNext()\r\n
--- End of stack trace from previous location where exception was thrown ---\r\n
at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task)\r\n
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)\r\n
at Microsoft.Azure.Management.ResourceManager.Fluent.Core.Extensions.Synchronize[TResult](Func`1 function)\r\n
at Microsoft.Azure.Management.ResourceManager.Fluent.ResourceGroupsImpl.List()\r\n
at AzResourceManager.Program.Main(String[] args) in D:\\Demos\\ARM\\AzResourceManager\\AzResourceManager\\Program.cs:line 27
If I use a secret instead of the certificate the code works correctly.如果我使用secret而不是证书,则代码可以正常工作。
using Microsoft.Azure.Management.Fluent;
using Microsoft.Azure.Management.ResourceManager.Fluent;
using Microsoft.Azure.Management.ResourceManager.Fluent.Authentication;
using System;
using System.Security.Cryptography.X509Certificates;
namespace AzResourceManager
{
class Program
{
static void Main(string[] args)
{
var clientId = "********-****-****-****-************";
var secret = "********-****-****-****-************";
var subscriptionId = "********-****-****-****-************";
var tenantId = "********-****-****-****-************";
var creds = new AzureCredentialsFactory().FromServicePrincipal(clientId, secret, tenantId, AzureEnvironment.AzureGlobalCloud);
var azure = Azure.Authenticate(creds).WithSubscription(subscriptionId);
foreach (var rGroup in azure.ResourceGroups.List())
{
Console.WriteLine(rGroup.Name);
}
}
}
}
these are the packages installed: (packages.config)这些是安装的软件包:(packages.config)
<?xml version="1.0" encoding="utf-8"?>
<packages>
<package id="Microsoft.Azure.KeyVault" version="3.0.1" targetFramework="net472" />
<package id="Microsoft.Azure.KeyVault.Core" version="1.0.0" targetFramework="net472" />
<package id="Microsoft.Azure.KeyVault.WebKey" version="3.0.1" targetFramework="net472" />
<package id="Microsoft.Azure.Management.AppService.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.Batch.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.BatchAI.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.Cdn.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.Compute.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.ContainerInstance.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.ContainerRegistry.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.ContainerService.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.CosmosDB.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.Dns.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.EventHub.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.Graph.RBAC.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.KeyVault.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.Locks.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.Monitor.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.Msi.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.Network.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.Redis.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.ResourceManager.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.Search.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.ServiceBus.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.Sql.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.Storage.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Azure.Management.TrafficManager.Fluent" version="1.18.0" targetFramework="net472" />
<package id="Microsoft.Data.Edm" version="5.8.2" targetFramework="net472" />
<package id="Microsoft.Data.OData" version="5.8.2" targetFramework="net472" />
<package id="Microsoft.Data.Services.Client" version="5.8.2" targetFramework="net472" />
<package id="Microsoft.IdentityModel.Clients.ActiveDirectory" version="3.14.0" targetFramework="net472" />
<package id="Microsoft.IdentityModel.Logging" version="1.1.2" targetFramework="net472" />
<package id="Microsoft.IdentityModel.Tokens" version="5.1.2" targetFramework="net472" />
<package id="Microsoft.Rest.ClientRuntime" version="2.3.17" targetFramework="net472" />
<package id="Microsoft.Rest.ClientRuntime.Azure" version="3.3.18" targetFramework="net472" />
<package id="Microsoft.Rest.ClientRuntime.Azure.Authentication" version="2.3.4" targetFramework="net472" />
<package id="Newtonsoft.Json" version="9.0.1" targetFramework="net472" />
<package id="System.ComponentModel.EventBasedAsync" version="4.0.11" targetFramework="net472" />
<package id="System.Dynamic.Runtime" version="4.0.0" targetFramework="net472" />
<package id="System.Linq.Queryable" version="4.0.0" targetFramework="net472" />
<package id="System.Net.Requests" version="4.0.11" targetFramework="net472" />
<package id="System.Spatial" version="5.8.2" targetFramework="net472" />
<package id="WindowsAzure.Storage" version="8.1.4" targetFramework="net472" />
</packages>
2 个解决方案
解决方案1
1 2019-01-02 23:14:38
Are you able to get the results using the Resource Groups List REST API .您能否使用Resource Groups List REST API获得结果。 I have tried myself and I am not getting any error while using your code and it worked fine for me.我自己尝试过,在使用您的代码时没有遇到任何错误,对我来说效果很好。 Please make sure that your registered application service principal has been provided at least Reader access to your subscription.请确保已向您注册的应用程序服务主体提供至少对您的订阅的读者访问权限。 Please follow the document Manage access using RBAC and the Azure portal for assigning roles to Azure resources.请按照使用 RBAC 和 Azure 门户管理访问权限文档为 Azure 资源分配角色。
解决方案2
0 2020-10-28 23:19:32
I get the same frustrating System.NullReferenceException when trying to use the exported certificare with .CER extension, but when exporting the certificate in .PFX format with password: the overloaded FromServicePrincipal function succeeds尝试使用带有.CER扩展名的导出证书时,我遇到了同样令人沮丧的 System.NullReferenceException,但是当导出带有密码的.PFX格式的证书时:重载的 FromServicePrincipal 函数成功
var credentials = SdkContext
.AzureCredentialsFactory
.FromServicePrincipal(
"********-****-****-****-************", // clientId
@"c:\cert.pfx", // certificate file path
"123456", // certificate password
"********-****-****-****-************", //tenantId
AzureEnvironment.AzureGlobalCloud);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
WebRequest.Create抛出System.NullReferenceException - WebRequest.Create throws System.NullReferenceException
单击按钮将引发System.NullReferenceException - Button Click throws System.NullReferenceException
RegisterViewWithRegion 为视图抛出 System.NullReferenceException - RegisterViewWithRegion throws System.NullReferenceException for a View
使用Linq Xamarin时出现System.NullReferenceException - System.NullReferenceException in while using Linq Xamarin
使用 Linq 时出现“System.NullReferenceException”错误 - "System.NullReferenceException" Error While Using Linq
实体框架6-播种数据库引发System.NullReferenceException - entity framework 6 - seeding database throws System.NullReferenceException
C# 键盘钩子抛出 System.NullReferenceException - C# Keyboard hook throws System.NullReferenceException
使用空格键更改 CheckBox 时,AcceptChanges() 在 DataGridView 中抛出 System.NullReferenceException - AcceptChanges() throws System.NullReferenceException in DataGridView when using space bar for changing CheckBox
iTextSharp System.NullReferenceException - iTextSharp System.NullReferenceException
Xamarin中的System.NullReferenceException - System.NullReferenceException in Xamarin
相关标签