Azure API 服务器未能对请求进行身份验证

Azure API The server failed to authenticate the request(Azure API 服务器未能对请求进行身份验证)
本文介绍了Azure API 服务器未能对请求进行身份验证的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我有一个任务(我尝试使用辅助角色并上传控制台应用程序并运行 .exe),该任务应该每天运行一次并收集我的一些 VM 的 Azure 指标.这在本地完美运行,但在云服务上我收到此错误:

I have a task ( I tried with worker role and to upload a console app and run the .exe) that should run once a day and gather Azure Metrics of some of my VMs. This works flawlessly locally but on a cloud service I get this Error:

未处理的异常:Microsoft.WindowsAzure.CloudException:ForbiddenError:服务器未能对请求进行身份验证.验证证书是否有效并与此订阅相关联.在 Microsoft.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSucces ...等.

Unhandled Exception: Microsoft.WindowsAzure.CloudException: ForbiddenError: The server failed to authenticate the request. Verify that the certificate is valid and associated with this subscription. at Microsoft.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSucces ... etc.

发生这种情况的行是:

MetricDefinitionListResponse metricListResponse = metricsClient.MetricDefinitions.List(resourceId, null,
            nspace);

这是我的代码的一部分:

This is part of my code:

 string subscriptionId = "fc4xxxx5-835c-xxxx-xxx-xxxxxxx";

        // The thumbprint of the certificate.
        string thumbprint = "‎f5 b4 xxxxxxxx f7 c2";

        // Get the certificate from the local store.
        //X509Certificate2 cert = GetCertificate(StoreName.My, StoreLocation.LocalMachine, thumbprint);
        //cert = GetCertificate(StoreName.My, StoreLocation.CurrentUser, thumbprint) ?? new X509Certificate2(("manageAzure.cer"));
        var cert = new X509Certificate2(("manageAzure.cer"));

        Console.WriteLine("Certificate is : " + cert);

        // Create the metrics client.
        var metricsClient = new MetricsClient(new CertificateCloudCredentials(subscriptionId, cert));

        Console.WriteLine("metricsClient is : " + metricsClient);

        // The cloud service name and deployment name, found in the dashboard of the management portal.
        string cloudServiceName = "abms2-carlsberg";
        string deploymentName = "abms2-carlsberg";

        // Build the resource ID string.
        string resourceId = ResourceIdBuilder.BuildVirtualMachineResourceId(cloudServiceName, deploymentName);

        string nspace = "WindowsAzure.Availability";

        // Get the metric definitions.
        MetricDefinitionListResponse metricListResponse = metricsClient.MetricDefinitions.List(resourceId, null,
            nspace);

我已将管理证书放置在我的解决方案中,并从那里加载它(它设置为始终复制),并且与我在本地运行时使用的相同(和相同的方式).

I have placed the management certificate in my solution, and I load it from there (it is set to always copy) and is the same (and the same way) I use when I run it locally.

那么它在抱怨认证"是什么证书"?我似乎看不出问题出在哪里.任何帮助将不胜感激,因为我已经用了整个下午!

So what "certificate" is it complaining about "to authenticate"? I can't seem to see what the problem is. Any help would be greatly appreciated as I have used the whole afternoon on this!

PS:我已经在提升模式下运行它了!

PS: I am already running this in elevated mode!

推荐答案

对于可能有这个问题的其他人,我已经按照底部的说明解决了:(http://www.dinohy.com/post/2013/11/12/403-Forbidden-when-Use-Azure-Management-REST-API-on-Role-instance.aspx)

For someone else that may have this issue, I have solved it as explained here in the bottom : (http://www.dinohy.com/post/2013/11/12/403-Forbidden-when-Use-Azure-Management-REST-API-on-Role-instance.aspx)

  1. 从以下位置下载发布设置文件:https://manage.windowsazure.com/publishsettings/index?client=vs&schemaversion=2.0(这是一个XML文件,可以用记事本打开)

  1. Download the publishsettings file from:https://manage.windowsazure.com/publishsettings/index?client=vs&schemaversion=2.0 (This is a XML file, you can open it with notepad)

找到 ManagementCertificate 属性,将值复制到字符串中.那一个Base64编码的字符串,可以用这个字符串创建证书:string base64Cer="The value of ManagementCertificate"

Find ManagementCertificate property, copy the value to a string. That a Base64 encoded string, you can use this string create a certificate: string base64Cer="The value of ManagementCertificate "

使用此字符串创建证书.var 证书 = 新 X509Certificate2(base64Cer);

Use this string create a certificate. var certificate = new X509Certificate2(base64Cer);

虽然这最后一步并不完全像直接传递字符串(因为字符串太长会导致异常)而是如下:var cert = new X509Certificate2(Convert.FromBase64String(base64cer));

although this last step is not exactly like passing the string directly (as the string is too long and will cause an exception) but rather is as follows: var cert = new X509Certificate2(Convert.FromBase64String(base64cer));

希望这也能帮助到我这个职位的其他人.

Hope this will help someone else in my position too.

这篇关于Azure API 服务器未能对请求进行身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!

本站部分内容来源互联网,如果有图片或者内容侵犯您的权益请联系我们删除!

相关文档推荐

DispatcherQueue null when trying to update Ui property in ViewModel(尝试更新ViewModel中的Ui属性时DispatcherQueue为空)
Drawing over all windows on multiple monitors(在多个监视器上绘制所有窗口)
Programmatically show the desktop(以编程方式显示桌面)
c# Generic Setlt;Tgt; implementation to access objects by type(按类型访问对象的C#泛型集实现)
InvalidOperationException When using Context Injection in ASP.Net Core(在ASP.NET核心中使用上下文注入时发生InvalidOperationException)
LINQ many-to-many relationship, how to write a correct WHERE clause?(LINQ多对多关系,如何写一个正确的WHERE子句?)