I think I have read every single thing on the internet about this (bold statement I know) but I can't work it out...
I have a very simple webpage that gets the status VMs on Azure, which works fine on my machine. I created a Cert on my local machine with makecert and debug runs fine. After deploying it to another server on IIS all I get is 403 errors.
Things I tried:
I changed my get cert code to more resemble an answer from a similar question, but finding the cert doesn't appear to be the issue.. if I remove the cert created on the server, I get a different error.
var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
store.Open(OpenFlags.OpenExistingOnly | OpenFlags.ReadOnly);
var certificate = store.Certificates.Cast<X509Certificate2>().SingleOrDefault(c => string.Equals(c.Thumbprint, thumbprint, StringComparison.OrdinalIgnoreCase)); // please replace CertificateThumbprint with original Thumbprint
return certificate;
Ref: how to connect to azure (management) rest api via C# in IIS
Code to create HttpClient:
WebRequestHandler handler = new WebRequestHandler();
String CertThumbprint = _certthumbprint;
X509Certificate2 managementCert = FindX509Certificate(CertThumbprint);
if (managementCert != null)
{
handler.ClientCertificates.Add(managementCert);
HttpClient httpClient = new HttpClient(handler);
httpClient.DefaultRequestHeaders.Add("x-ms-version", "2014-05-01");
httpClient.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/xml"));
return httpClient;
}
Retrieve VMs Code:
String uri = String.Format("https://management.core.windows.net/{0}/services/hostedservices/{1}/deploymentslots/{2}", _subscriptionid, ServiceName, "Production");
XDocument vms = new XDocument();
vms.Add(new XElement("VirtualMachines"));
ApplyNamespace(vms.Root, ns);
try
{
HttpClient http = GetHttpClient();
Stream responseStream = await http.GetStreamAsync(uri);
if (responseStream != null)
{
XDocument xml = XDocument.Load(responseStream);
var roles = xml.Root.Descendants(ns + "RoleInstance");
foreach (XElement r in roles)
{
XElement svcNamee1 = new XElement("ServiceName", ServiceName);
ApplyNamespace(svcNamee1, ns);
r.Add(svcNamee1);
vms.Root.Add(r);
}
}
}
This code is currently about 95% copy and paste from here
The resolution for me in this case was to create a new Publishsettings file via powershell and import that on the server via powershell. Then use the thumbprint from that in code. Making a cert on the server and uploading to Azure still doesn't work for whatever reason...
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.