¿Cómo importa un certificado público a Windows Azure?
-
14-11-2019 - |
Pregunta
Voy a comunicarme de Windows Azure a otro servicio web público a través de SSL.Y el certificado en el servicio web público es autofirmado.Por lo tanto, necesito confiar en el certificado público en My Windows Azure.
¿Cómo puedo importar el certificado (iCer) a Windows Azure?El portal de gestión solo permite importar un certificado con clave privada.
Solución
This is actually an issue with the portal, not with azure itself. Go to the "Add Certificate" section in the portal, click the browse button, navigate to where your .cer file is. The files listed are filtered to .pfx files so you won't see the file you want to import, but, if you type in the name of the file it will work.
Otros consejos
This was an issue with the portal. I had thought it was fixed - apparently not. You can always convert the .cer to a .pfx as well (with a lame password). I run this from LINQPad:
void Main()
{
string file = @"C:\temp\deploy\dunnrydeploy.cer";
var cert = X509Certificate2.CreateFromCertFile(file);
var bytes = ((X509Certificate2)cert).Export(X509ContentType.Pfx, "p");
var fs = File.Create(@"C:\temp\deploy\foo.pfx");
using (fs)
{
fs.Write(bytes, 0, bytes.Length);
fs.Flush();
}
}
There are few blogs about how to do thsi - http://blogs.msdn.com/b/jnak/archive/2010/01/29/installing-certificates-in-windows-azure-vms.aspx
This uses manual XML entry for self signed certificates in the Role
<Certificate name="SelfSigned" storeLocation="CurrentUser" storeName="<enter a value>" />
Here is how I obtained a public certificate from a private key and uploaded into Azure.
1) Obtain the certificate using PowerShell:
PS C:\MyWebsite> $cert = New-SelfSignedCertificate -DnsName mycompany.com -CertStoreLocation "cert:\LocalMachine\My" -KeyLength 2048 -KeySpec "KeyExchange"
PS C:\MyWebsite> $password = ConvertTo-SecureString -String "mypassword" -Force -AsPlainText
PS C:\MyWebsite> Export-PfxCertificate -Cert $cert -FilePath ".\mycompany.pfx" -Password $password
2) Then upload the certificate in the portal:
For details please see https://docs.microsoft.com/en-us/azure/cloud-services/cloud-services-certs-create