![](/img/trans.png)
[英]Azure App Service Container Managed Identity Key Vault in.NET Core C#
[英]C# .Net Azure Management REST API - Add App Service Managed Certificate - Response = Not Found
我可以使用 Azure 管理 REST API 将自定义域添加到我的 Z3A580F142036767F53F0 服务中。 我还需要通过将应用托管证书添加到我的应用服务来保护该自定义域。
static string _ClientId = Startup.StaticConfig.GetValue<string>("Azure:ClientId");
static string _ClientKey = Startup.StaticConfig.GetValue<string>("Azure:ClientSecret");
static string _TenantId = Startup.StaticConfig.GetValue<string>("Azure:TenantId");
static string _SubscriptionId = Startup.StaticConfig.GetValue<string>("Azure:SubscriptionId");
static string _ResourceGroupName = Startup.StaticConfig.GetValue<string>("Azure:ResourceGroupName");
static string _AppName = Startup.StaticConfig.GetValue<string>("Azure:AppName");
static string _AppServicePlanName = Startup.StaticConfig.GetValue<string>("Azure:AppServicePlanName");
public static string ResourceGroupName { get => _ResourceGroupName; set => _ResourceGroupName = value; }
public static async Task<HttpStatusCode> AddHostNameFromForumResponse(string sHostName)
{
HttpResponseMessage responseMessage;
var appId = _ClientId;
var secretKey = _ClientKey;
var tenantId = _TenantId;
var context = new AuthenticationContext("https://login.windows.net/" + tenantId);
ClientCredential clientCredential = new ClientCredential(appId, secretKey);
var tokenResponse = context.AcquireTokenAsync("https://management.azure.com/", clientCredential).Result;
var accessToken = tokenResponse.AccessToken;
using (var client = new HttpClient())
{
client.DefaultRequestHeaders.Add("Authorization", "Bearer " + accessToken);
var baseUrl = new Uri($"https://management.azure.com/");
var requestURl = baseUrl + $"subscriptions/{_SubscriptionId}/resourceGroups/{_ResourceGroupName}/providers/Microsoft.Web/sites/{_AppName}/hostNameBindings/{sHostName}?api-version=2016-08-01";
string body = $"{{\"properties\": {{\"azureResourceName\": \"{_AppName}\"}}}}";
var stringContent = new StringContent(body, Encoding.UTF8, "application/json");
responseMessage = await client.PutAsync(requestURl, stringContent);
if (((long)responseMessage.StatusCode == 200)) // Trying to create the app managed certificate here
{
//requestURl = baseUrl + $"subscriptions/{_SubscriptionId}/resourceGroups/{_ResourceGroupName}/providers/Microsoft.Web/certificates/{sHostName}?api-version=2019-08-01";
requestURl = baseUrl + $"subscriptions/{_SubscriptionId}/resourceGroups/{_ResourceGroupName}/providers/Microsoft.Web/certificates/{sHostName}?api-version=2021-02-01";
var serverFarm = $"/subscriptions/{_SubscriptionId}/resourceGroups/{_ResourceGroupName}/providers/Microsoft.Web/serverfarms/{_AppServicePlanName}";
body = $"{{\"location\": \"West US\", \"properties\": {{\"canonicalName\": \"{sHostName}\", \"hostNames\": [\"{sHostName}\"], \"serverFarmId\": \"{serverFarm}\"}}}}";
stringContent = new StringContent(body, Encoding.UTF8, "application/json");
responseMessage = await client.PutAsync(requestURl, stringContent);
}
}
return responseMessage.StatusCode;
我可以添加域,但是当我尝试 PUT 应用程序托管证书时,我收到响应消息404 - Not Found
。
I was originally following https://docs.microsoft.com/en-us/answers/questions/491924/creating-app-service-managed-certificates-via-api.html which has an api version of 2019-08-01 ,但后来我发现https: //docs.microsoft.com/en-us/rest/api/appservice/certificates/create-or-update 的 api 版本为 2021-02-01。
我对serverFarm
AppServicePlanName
感到困惑。
注意(B1: 1)
。 不确定这是否是应用服务名称的一部分。 我试过有无。 这似乎没有什么不同。
以下是相关值:
requestUrl = https://management.azure.com/subscriptions/xxx-xx-4c7e01d9a379/resourceGroups/MyResourceGroup/providers/Microsoft.Web/certificates/contoso.com?api-version=2021-02-01
serverFarm = /subscriptions/xxx-xx-4c7e01d9a379/resourceGroups/MyResourceGroup/providers/Microsoft.Web/serverfarms/ResourceGroup-80c2
{"location": "East US", "properties": {"canonicalName": "contoso.com", "hostNames": ["contoso.com"], "serverFarmId": "/subscriptions/9497817f-xxxx-479a-bb9f-4c7e01d9a379/resourceGroups/MyShoppingCartResourceGroup/providers/Microsoft.Web/serverfarms/ASP-ResourceGroup-80c2"}}
为什么我会收到 404 Not Found? 有人有想法么?
编辑:分享答案
我解决了这个问题。 显然,应用服务计划名称有 2 个不同版本。 我认为这只是为了使事情过于复杂。 当我创建域时,这不是问题。 这只是为域创建证书时的一个问题。 创建证书时,您必须在 serverFarm 中使用这两个版本的应用服务计划名称。 查看我的应用服务计划的屏幕截图:
这是 serverFarm Id 的正确版本:
/subscriptions/xxx-xx-xxxx-xx-xxx-4c7e01d9a379/resourceGroups/X-XXX-Resource-Group/providers/Microsoft.Web/serverfarms/XXX-XXXResourceGroup-80c2
在 /resourceGroups 之后,将我突出显示的那个放在黄色中。 在服务器农场放另一个之后,没有(B1:1)。
这是我用来创建自定义域和创建证书的完整代码。
using Microsoft.Extensions.Configuration;
using Microsoft.IdentityModel.Clients.ActiveDirectory;
using System;
using System.Net;
using System.Net.Http;
using System.Text;
using System.Threading.Tasks;
namespace MyShoppingCart.Helpers.ManagementLibrarySample
{
public class ManagementLibrarySample
{
static string _ClientId = Startup.StaticConfig.GetValue<string>("Azure:ClientId");
static string _ClientKey = Startup.StaticConfig.GetValue<string>("Azure:ClientSecret");
static string _TenantId = Startup.StaticConfig.GetValue<string>("Azure:TenantId");
static string _SubscriptionId = Startup.StaticConfig.GetValue<string>("Azure:SubscriptionId");
static string _ResourceGroupName = Startup.StaticConfig.GetValue<string>("Azure:ResourceGroupName");
static string _AlternateResourceGroupName = Startup.StaticConfig.GetValue<string>("Azure:AlternateResourceGroupName");
static string _AppName = Startup.StaticConfig.GetValue<string>("Azure:AppName");
static string _AppServicePlanName = Startup.StaticConfig.GetValue<string>("Azure:AppServicePlanName");
public static async Task<HttpStatusCode> AddHostNameFromForumResponse(string sHostName)
{
HttpResponseMessage responseMessage;
var appId = _ClientId;
var secretKey = _ClientKey;
var tenantId = _TenantId;
var context = new AuthenticationContext("https://login.windows.net/" + tenantId);
ClientCredential clientCredential = new ClientCredential(appId, secretKey);
var tokenResponse = context.AcquireTokenAsync("https://management.azure.com/", clientCredential).Result;
var accessToken = tokenResponse.AccessToken;
using (var client = new HttpClient())
{
client.DefaultRequestHeaders.Add("Authorization", "Bearer " + accessToken);
var baseUrl = new Uri($"https://management.azure.com/");
var requestURl = baseUrl + $"subscriptions/{_SubscriptionId}/resourceGroups/{_ResourceGroupName}/providers/Microsoft.Web/sites/{_AppName}/hostNameBindings/{sHostName}?api-version=2016-08-01";
string body = $"{{\"properties\": {{\"azureResourceName\": \"{_AppName}\"}}}}";
var stringContent = new StringContent(body, Encoding.UTF8, "application/json");
responseMessage = await client.PutAsync(requestURl, stringContent);
if (((long)responseMessage.StatusCode == 200)) // Trying to create the app managed certificate here
{
requestURl = baseUrl + $"subscriptions/{_SubscriptionId}/resourceGroups/{_ResourceGroupName}/providers/Microsoft.Web/certificates/{sHostName}?api-version=2021-02-01";
var serverFarm = $"/subscriptions/{_SubscriptionId}/resourceGroups/{_AlternateResourceGroupName}/providers/Microsoft.Web/serverfarms/{_AppServicePlanName}";
body = $"{{\"location\": \"West US\", \"properties\": {{\"canonicalName\": \"{sHostName}\", \"hostNames\": [\"{sHostName}\"], \"serverFarmId\": \"{serverFarm}\"}}}}";
stringContent = new StringContent(body, Encoding.UTF8, "application/json");
responseMessage = await client.PutAsync(requestURl, stringContent);
}
}
return responseMessage.StatusCode;
}
}
}
这个名为_AlternateResourceGroupName
的新变量是我原始帖子中以黄色突出显示的变量。
我仍然需要弄清楚的是如何将证书关联并绑定到自定义域名。 如果有人有任何想法,请告诉我。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.