Unable to load a certificate in Azure Function
Question
I am developping an Azure Function which needs to load a certificate from a secured Base 64 string. The certificate is protected by a key. The certificate and the password are stored in an Azure Key Vault.
When I try to load the certificate from the Function, I get errors in both v1 and v2 Functions.
Here is the code used to load the certificate :
var certificate = new X509Certificate2(Convert.FromBase64String(certificateBase64), certificatePassword)
With this code for .Net I have a strange issue I can reproduce locally. The issue is linked to .Net 4.6.1. In .Net Core 2.0, it works fine locally (in Azure Function CLI), but I got a strange issue regarding a file not found ( https://github.com/dotnet/corefx/issues/11042 )
As mentionned at the end the previous post, I tried to the X509KeyStorageFlags.EphemeralKeySet flag.
var certificate = new X509Certificate2(Convert.FromBase64String(certificateBase64), certificatePassword, X509KeyStorageFlags.EphemeralKeySet)
The flag is not yet available for .Net Core 2 ( https://github.com/dotnet/corefx/issues/24454 ), and not also in .Net 4.6.1, the framework used by Azure Functions.
Is there a way to force the Net Framework used by an Azure Function v1 ? Is there any simple workaround in .Net Core 2.0, wihtout storing the certificate as a file on the Function ?
1 answers
solution1
0 ACCPTED 2018-08-31 12:39:18
After many tries, I found a solution. The flag X509KeyStorageFlags.MachineKeySet must be used. It worked for both Function App V1 (.Net 4.6.1) and Function App V2 (.Net Core 2) :
var certificate = new X509Certificate2(Convert.FromBase64String(certificateBase64), certificatePassword, X509KeyStorageFlags.MachineKeySet)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.