Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Unable to load certificate instance from within Azure Worker Role

I have an Azure Worker Role that I wish to call the Management Service (e.g. REST API) and collect information regarding related services. However, when I try to load my certificate it fails to find it. Here are the steps I followed:

1. I created a certificate using MakeCert and registered it as my Management Certificate via the portal

makecert -r -pe -a sha1 -n "CN=MyCnName" -ss My -len 2048 -sp "Microsoft Enhanced RSA and AES Cryptographic Provider" -sy 24 MyCert.cer

2. Installed the cert on my local machine and everything works fine. When running the Worker Role locally I can call the Management Service with no problems.

3. Exported the cert from my machine and registered the exported certificate under the target Hosted Service via the portal

4. Deployed the Role. When the Role starts it fails to find the cert.

Here is an extract of the code I'm using to find the cert.

// Open the certificate store for the current user.
var certStore = new X509Store(StoreName.My, StoreLocation.CurrentUser); // I also tried localmachine
certStore.Open(OpenFlags.ReadOnly);

// Find the certificate with the specified subject.
X509Certificate2Collection certCollection = certStore.Certificates.Find(
    X509FindType.FindBySubjectName,
    _myConfiguration.SubjectName,
    false);


if (certCollection == null || certCollection.Count < 1)
{
    // Find the certificate with the specified thumbprint.
    certCollection = certStore.Certificates.Find(
        X509FindType.FindByThumbprint,
        _myConfiguration.ThumbPrint,
        false);
}

// Close the certificate store.
certStore.Close();

// Check to see if a matching certificate was found.
if (certCollection.Count == 0)
{
    _logger.Warn("No certificate found");
}

There is no exception, just no cert is found. Can anyone shed some light I what I need to do?

like image 675
JoeGeeky Avatar asked Feb 20 '23 20:02

JoeGeeky


1 Answers

Figured out the problem... In addition to configuring the cert in the portal, I needed to add the certificate details (e.g. Name, Store, and Thumbprint) to the Azure Project Role settings under the Certificates Tab.

like image 81
JoeGeeky Avatar answered Feb 22 '23 09:02

JoeGeeky