将证书导入 Azure 密钥保管库:操作返回无效状态代码 'Conflict'
Importing a certificate to Azure key vaullt: Operation returned an invalid status code 'Conflict'
我正在尝试使用以下代码将 .PFX 文件(首先转换为 base64 文件)导入 Azure Keyvault。
但是我收到错误:操作返回无效状态代码'Conflict'
Azure KeyVault 上绝对没有其他证书。
public async Task ImportCertificate(string base64FileCertFile, string CertPasswordText, string name)
{
AzureServiceTokenProvider azureServiceTokenProvider = new AzureServiceTokenProvider();
KeyVaultClient keyVaultClient = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(azureServiceTokenProvider.KeyVaultTokenCallback));
Message = "Your application description page.";
int retries = 0;
//byte[] fileData = null;
//using (var binaryReader = new BinaryReader(request.Files[0].InputStream))
//{
// fileData = binaryReader.ReadBytes(request.Files[0].ContentLength);
//}
//var base64EncodedCertificate = Convert.ToBase64String(fileData);
bool retry = false;
try
{
/* The below do while logic is to handle throttling errors thrown by Azure Key Vault. It shows how to do exponential backoff which is the recommended client side throttling*/
do
{
long waitTime = Math.Min(GetWaitTime(retries), 2000000);
var result = await keyVaultClient.ImportCertificateAsync(ConfigurationManager.AppSettings["VaultUrl"].ToString(), name, base64FileCertFile, CertPasswordText);
Message = result.Id;
retry = false;
}
while (retry && (retries++ < 10));
}
/// <exception cref="KeyVaultErrorException">
/// Thrown when the operation returned an invalid status code
/// </exception>
catch (KeyVaultErrorException keyVaultException)
{
Message = keyVaultException.Message;
if ((int)keyVaultException.Response.StatusCode == 429)
retry = true;
}
}
关于这个问题,根据我的研究,第一次创建KV证书时,也会创建一个与证书同名的可寻址密钥和秘密。如果该名称已被使用,则操作将失败并显示 409(冲突)的 HTTP 状态代码。详情请参考document。所以我建议你改个名字。
我正在尝试使用以下代码将 .PFX 文件(首先转换为 base64 文件)导入 Azure Keyvault。
但是我收到错误:操作返回无效状态代码'Conflict'
Azure KeyVault 上绝对没有其他证书。
public async Task ImportCertificate(string base64FileCertFile, string CertPasswordText, string name)
{
AzureServiceTokenProvider azureServiceTokenProvider = new AzureServiceTokenProvider();
KeyVaultClient keyVaultClient = new KeyVaultClient(new KeyVaultClient.AuthenticationCallback(azureServiceTokenProvider.KeyVaultTokenCallback));
Message = "Your application description page.";
int retries = 0;
//byte[] fileData = null;
//using (var binaryReader = new BinaryReader(request.Files[0].InputStream))
//{
// fileData = binaryReader.ReadBytes(request.Files[0].ContentLength);
//}
//var base64EncodedCertificate = Convert.ToBase64String(fileData);
bool retry = false;
try
{
/* The below do while logic is to handle throttling errors thrown by Azure Key Vault. It shows how to do exponential backoff which is the recommended client side throttling*/
do
{
long waitTime = Math.Min(GetWaitTime(retries), 2000000);
var result = await keyVaultClient.ImportCertificateAsync(ConfigurationManager.AppSettings["VaultUrl"].ToString(), name, base64FileCertFile, CertPasswordText);
Message = result.Id;
retry = false;
}
while (retry && (retries++ < 10));
}
/// <exception cref="KeyVaultErrorException">
/// Thrown when the operation returned an invalid status code
/// </exception>
catch (KeyVaultErrorException keyVaultException)
{
Message = keyVaultException.Message;
if ((int)keyVaultException.Response.StatusCode == 429)
retry = true;
}
}
关于这个问题,根据我的研究,第一次创建KV证书时,也会创建一个与证书同名的可寻址密钥和秘密。如果该名称已被使用,则操作将失败并显示 409(冲突)的 HTTP 状态代码。详情请参考document。所以我建议你改个名字。