1

我想列出使用 Azure 服务管理 REST Api 的所有托管服务。msdn hlep解释了一种列出托管服务的方法。我附上了 msdn 中给出的示例代码。

在代码中,他们使用了 Version、Thumbprint 和 SubscriptionId。

在 Windows azure 门户中,我们可以看到订阅具有订阅 ID。证书有指纹。一个订阅中可能有许多托管服务,因此也可能有许多证书。那么以下代码提到的指纹是什么..?它是否应该检查订阅的所有指纹,以列出订阅中的所有托管服务。

为什么我们不能仅使用 subcriptionId 获得所有托管服务(它不安全吗?)或者订阅是否有一个通用证书(所以有指纹)?

请指导我,

谢谢。

namespace Microsoft.WindowsAzure.ServiceManagementRESTAPI.Samples
{
    using System;
    using System.Collections.Generic;
    using System.Net;
    using System.Security.Cryptography.X509Certificates;
    using System.Xml;
    using System.Xml.Linq;

    public class Program
    {
        // Set these constants with your values to run the sample.
        private const string Version = "2011-10-01";
        private const string Thumbprint = "management-certificate-thumbprint";
        private const string SubscriptionId = "subscription-id";

        static void Main(string[] args)
        {
            try
            {
                // Obtain the certificate with the specified thumbprint
                X509Certificate2 certificate = GetStoreCertificate(Thumbprint);
                ListHostedServicesExample(SubscriptionId, certificate, Version);
            }
            catch (Exception ex)
            {
                Console.WriteLine("Exception caught in Main:");
                Console.WriteLine(ex.Message);
            }

            Console.Write("Press any key to continue:");
            Console.ReadKey();
        }

        public static void ListHostedServicesExample(
            string subscriptionId,
            X509Certificate2 certificate,
            string version)
        {
            string uriFormat = "https://management.core.windows.net/{0}/" +
                "services/hostedservices";
            Uri uri = new Uri(String.Format(uriFormat, subscriptionId));

            HttpWebRequest request = (HttpWebRequest)HttpWebRequest.Create(uri);
            request.Method = "GET";
            request.Headers.Add("x-ms-version", version);
            request.ClientCertificates.Add(certificate);
            request.ContentType = "application/xml";

            XDocument responseBody = null;
            HttpStatusCode statusCode;
            HttpWebResponse response;
            try
            {
                response = (HttpWebResponse)request.GetResponse();
            }
            catch (WebException ex)
            {
                // GetResponse throws a WebException for 400 and 500 status codes
                response = (HttpWebResponse)ex.Response;
            }
            statusCode = response.StatusCode;
            if (response.ContentLength > 0)
            {
                using (XmlReader reader = XmlReader.Create(response.GetResponseStream()))
                {
                    responseBody = XDocument.Load(reader);
                }
            }
            response.Close();
            if (statusCode.Equals(HttpStatusCode.OK))
            {
                XNamespace wa = "http://schemas.microsoft.com/windowsazure";
                XElement hostedServices = responseBody.Element(wa + "HostedServices");
                Console.WriteLine(
                    "Hosted Services for Subscription ID {0}:{1}{2}",
                    subscriptionId,
                    Environment.NewLine,
                    hostedServices.ToString(SaveOptions.OmitDuplicateNamespaces));
            }
            else
            {
                Console.WriteLine("Call to List Hosted Services returned an error:");
                Console.WriteLine("Status Code: {0} ({1}):{2}{3}",
                    (int)statusCode, statusCode, Environment.NewLine,
                    responseBody.ToString(SaveOptions.OmitDuplicateNamespaces));
            }
            return;
        }

        /// <summary>
        /// Gets the certificate matching the thumbprint from the local store.
        /// Throws an ArgumentException if a matching certificate is not found.
        /// </summary>
        /// <param name="thumbprint">The thumbprint of the certificate to find.</param>
        /// <returns>The certificate with the specified thumbprint.</returns>
        private static X509Certificate2 GetStoreCertificate(string thumbprint)
        {
            List<StoreLocation> locations = new List<StoreLocation> 
            { 
                StoreLocation.CurrentUser, 
                StoreLocation.LocalMachine 
            };

            foreach (var location in locations)
            {
                X509Store store = new X509Store("My", location);
                try
                {
                    store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
                    X509Certificate2Collection certificates = store.Certificates.Find(
                        X509FindType.FindByThumbprint, thumbprint, false);
                    if (certificates.Count == 1)
                    {
                        return certificates[0];
                    }
                }
                finally
                {
                    store.Close();
                }
            }

            throw new ArgumentException(string.Format(
                "A Certificate with Thumbprint '{0}' could not be located.",
                thumbprint));
        }
    }
}
4

1 回答 1

3

您要使用的证书是“管理证书”。这是执行此操作的过程:

  1. 在您的计算机上创建一个自签名证书(pfx 文件格式)。您可能会发现此链接很有用:http ://consultingblogs.emc.com/gracemollison/archive/2010/02/19/creating-and-using-self-signed-certificates-for-use-with-azure-service-management -api.aspx
  2. 在您的本地证书存储(最好是 CurrentUser\My)中安装该证书。
  3. 从计算机上的本地证书存储中以 .cer 文件格式导出该证书。
  4. 在门户的管理证书部分上传此证书。为此,请登录 Windows Azure 门户 (https://manage.windowsazure.com),然后单击“设置”选项卡,然后单击“上传”按钮选择并上传此文件。

要记住几件事:

  1. 每个订阅最多可以拥有 10 个管理证书。
  2. 如果您希望您的同事使用相同的证书,请共享在步骤 1 中创建的 pfx 文件,并让他们将证书安装在本地计算机的证书存储中。请不要给他们在步骤 3 中创建的 .cer 文件,因为它没有证书的私有数据。

希望这可以帮助。

于 2012-10-03T04:26:57.533 回答