指定的提供商类型无效。加密异常
Invalid provider type specified. CryptographicException
我正在尝试 运行 来自 Microsoft docs help setting up a Key Vault
的脚本 GetAppConfigSettings.ps1
脚本包含以下内容
# **********************************************************************************************
# Prep the cert credential data
# **********************************************************************************************
$certificateName = "$applicationName" + "cert"
$myCertThumbprint = (New-SelfSignedCertificate -Type Custom -Subject "$certificateName"-KeyUsage DigitalSignature -KeyAlgorithm RSA -KeyLength 2048 -CertStoreLocation "Cert:\CurrentUser\My" -Provider "Microsoft Enhanced Cryptographic Provider v1.0" ).Thumbprint
$x509 = (Get-ChildItem -Path cert:\CurrentUser\My$myCertthumbprint)
$password = Read-Host -Prompt "Please enter the certificate password." -AsSecureString
# Saving the self-signed cert and pfx (private key) in case it's needed later
Export-Certificate -cert $x509 -FilePath ".$certificateName.cer"
Export-PfxCertificate -Cert $x509 -FilePath ".$certificateName.pfx" -Password $password
运行 脚本(设置变量后)产生以下错误
New-SelfSignedCertificate : CertEnroll::CX509Enrollment::_CreateRequest: Provider type not defined.
0x80090017 (-2146893801 NTE_PROV_TYPE_NOT_DEF)
At \tsclient\E\EShared\Dev\Microsoft.Azure.KeyVault.Samples-2016.11.22
(1)\Microsoft.Azure.KeyVault.Samples\scripts\GetAppConfigSettings.ps1:38 char:22
+ ... umbprint = (New-SelfSignedCertificate -Type Custom -Subject "$certifi ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-SelfSignedCertificate], Exception
+ FullyQualifiedErrorId : System.Exception,Microsoft.CertificateServices.Commands.NewSelfSignedC
ertificateCommand
[更新]
Microsoft 支持建议我将提供商更改为 "Microsoft Platform Crypto Provider"
但是我仍然遇到错误。
对于 Powershell,$PSVersionTable 报告 5.1.17134.112
我安装了 AzureRM 5.7.0 版
Microsoft 支持帮助我解决了这一问题
$myCertThumbprint = (New-SelfSignedCertificate -CertStoreLocation Cert:\CurrentUser\My
-subject MyCert -KeyExportPolicy Exportable -NotAfter (Get-Date).AddYears(10)
-Type CodeSigningCert -KeySpec Signature).Thumbprint
已创建 HelloKeyVault app.config 所需的 AuthClientId 和 AuthCertThumbprint 值。
AuthClientId 在门户中显示为应用程序 ID,并在已注册的应用程序设置中可见。
要访问它,请单击 Azure Active Directory -> App registrations
然后单击查看所有应用程序
点击应用程序然后设置
要查看指纹执行相同操作,然后单击键
我可以看到 AuthClientId
请使用此示例了解如何将 Key Vault 与 DotNet 一起使用并使用服务主体的证书向 Azure Active Directory 进行身份验证
https://github.com/Azure-Samples/key-vault-dotnet-quickstart
我正在尝试 运行 来自 Microsoft docs help setting up a Key Vault
的脚本 GetAppConfigSettings.ps1脚本包含以下内容
# **********************************************************************************************
# Prep the cert credential data
# **********************************************************************************************
$certificateName = "$applicationName" + "cert"
$myCertThumbprint = (New-SelfSignedCertificate -Type Custom -Subject "$certificateName"-KeyUsage DigitalSignature -KeyAlgorithm RSA -KeyLength 2048 -CertStoreLocation "Cert:\CurrentUser\My" -Provider "Microsoft Enhanced Cryptographic Provider v1.0" ).Thumbprint
$x509 = (Get-ChildItem -Path cert:\CurrentUser\My$myCertthumbprint)
$password = Read-Host -Prompt "Please enter the certificate password." -AsSecureString
# Saving the self-signed cert and pfx (private key) in case it's needed later
Export-Certificate -cert $x509 -FilePath ".$certificateName.cer"
Export-PfxCertificate -Cert $x509 -FilePath ".$certificateName.pfx" -Password $password
运行 脚本(设置变量后)产生以下错误
New-SelfSignedCertificate : CertEnroll::CX509Enrollment::_CreateRequest: Provider type not defined.
0x80090017 (-2146893801 NTE_PROV_TYPE_NOT_DEF)
At \tsclient\E\EShared\Dev\Microsoft.Azure.KeyVault.Samples-2016.11.22
(1)\Microsoft.Azure.KeyVault.Samples\scripts\GetAppConfigSettings.ps1:38 char:22
+ ... umbprint = (New-SelfSignedCertificate -Type Custom -Subject "$certifi ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [New-SelfSignedCertificate], Exception
+ FullyQualifiedErrorId : System.Exception,Microsoft.CertificateServices.Commands.NewSelfSignedC
ertificateCommand
[更新]
Microsoft 支持建议我将提供商更改为 "Microsoft Platform Crypto Provider"
但是我仍然遇到错误。
对于 Powershell,$PSVersionTable 报告 5.1.17134.112
我安装了 AzureRM 5.7.0 版
Microsoft 支持帮助我解决了这一问题
$myCertThumbprint = (New-SelfSignedCertificate -CertStoreLocation Cert:\CurrentUser\My
-subject MyCert -KeyExportPolicy Exportable -NotAfter (Get-Date).AddYears(10)
-Type CodeSigningCert -KeySpec Signature).Thumbprint
已创建 HelloKeyVault app.config 所需的 AuthClientId 和 AuthCertThumbprint 值。
AuthClientId 在门户中显示为应用程序 ID,并在已注册的应用程序设置中可见。
要访问它,请单击 Azure Active Directory -> App registrations 然后单击查看所有应用程序 点击应用程序然后设置
要查看指纹执行相同操作,然后单击键
我可以看到 AuthClientId
请使用此示例了解如何将 Key Vault 与 DotNet 一起使用并使用服务主体的证书向 Azure Active Directory 进行身份验证 https://github.com/Azure-Samples/key-vault-dotnet-quickstart