- ABP Framework version: v8.3.2
- UI Type: Blazor Server
- Database System: EF Core (SQL Server)
- **Auth Server Separated ** *: yes
- Exception message and full stack trace:
- Steps to reproduce the issue:
I am having issues deploying my and running my Auth server on an azure app service and its got to with the signingcertificate openiddict.pfx
I have tried to create it within the console of the Azure app service using documented instructions and get the following error:
C:\home\site\wwwroot>dotnet dev-certs https -v -ep authserver.pfx -p 00000000-0000-0000-0000-000000000000 (i am using the same Guid that is in the code of AuthServerModule.cs)
[22] An error has occurred saving the certificate: System.Security.Cryptography.CryptographicException: The specified network password is not correct.
at System.Security.Cryptography.X509Certificates.CertificatePal.FilterPFXStore(ReadOnlySpan`1 rawData, SafePasswordHandle password, PfxCertStoreFlags pfxCertStoreFlags)
at System.Security.Cryptography.X509Certificates.CertificatePal.FromBlobOrFile(ReadOnlySpan`1 rawData, String fileName, SafePasswordHandle password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate..ctor(Byte[] rawData, String password, X509KeyStorageFlags keyStorageFlags)
at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(Byte[] rawData, String password, X509KeyStorageFlags keyStorageFlags)
at Microsoft.AspNetCore.Certificates.Generation.WindowsCertificateManager.SaveCertificateCore(X509Certificate2 certificate, StoreName storeName, StoreLocation storeLocation)
at Microsoft.AspNetCore.Certificates.Generation.CertificateManager.SaveCertificate(X509Certificate2 certificate)
at Microsoft.AspNetCore.Certificates.Generation.CertificateManager.EnsureAspNetCoreHttpsDevelopmentCertificate(DateTimeOffset notBefore, DateTimeOffset notAfter, String path, Boolean trust, Boolean includePrivateKey, String password, CertificateKeyExportFormat keyExportFormat, Boolean isInteractive).
There was an error saving the HTTPS developer certificate to the current user personal certificate store.
Any advice please?
8 Answer(s)
-
0
The specified network password is not correct.
dev-certs https -v -ep authserver.pfx -p 00000000-0000-0000-0000-000000000000
Don't use 00000000-0000-0000-0000-000000000000 as a network password. you should use an real GUID value.
-
0
Hi
that was just a an example not to expose my the guid to public i used the guid that matches the one listed in the code
-
0
I have tried to create it within the console of the Azure app service
You don't need to create it in the Azure platform, you can generate it locally and include it in the published files
-
0
Hi thank you for your respose.
I have the oppeniddict.pfx file now deployed to c:\home\site\wwwroot along with the other build files:
However when i do a dotnet run on the project dll i get the following error which is different to previous errors.
-
0
Hi,
make sure you generate
oppeniddict.pfxfile correctly
-
0
Hi
I was publishing via secure files on the azure pipeline and then referencing them in my build pipeline yml. that seemed to work and the file was visible in the deployment
- task: DownloadSecureFile@1 inputs: secureFile: 'openiddict.pfx' - script: | mkdir -p $(Build.SourcesDirectory)/src/Pekkish.PekkishPOS.AuthServer mv $(Agent.TempDirectory)/openiddict.pfx $(Build.SourcesDirectory)/src/Pekkish.PekkishPOS.AuthServer/ displayName: 'Move PFX File'Using your example the openiddict.pfx is not deployed to the azure deployment and not showing in the build artefact
Any suggestions should i go back to the secure files option and then referencing it in the yml?
-
0
Hi
I went back to deploying via secure files as noted above.
Then also followed the following post and it worked for me: https://codejack.com/2022/12/deploying-abp-io-to-an-azure-appservice/
Thank you for your asisstance!
-
0
great
