我正在尝试AWS DocumentDB从一个C# Lambda函数连接到。
问题是它TLS已启用DocumentDB,它需要我将证书添加到本地商店。
如果我在 上运行,这很好EC2,因为它需要READ/WRITE访问本地文件系统。
由于我在 a 上运行Lambda,我不确定如何实现这一点。
我已经在 Lambda 中尝试了示例代码,并得到以下 IOException(因为它需要读/写访问权限):
The X509 certificate could not be added to the store.: CryptographicException
at Internal.Cryptography.Pal.DirectoryBasedStoreProvider.Add(ICertificatePal certPal)
at System.Security.Cryptography.X509Certificates.X509Store.Add(X509Certificate2 certificate)
at Lambdas.DependencyRegistar.ConfigureMongoDatabase() in /build_and_deploy/src/Lambdas/DependencyRegistar.cs:line 113
at Lambdas.DependencyRegistar.ConfigureServices(IServiceCollection services) in /build_and_deploy/src/Lambdas/DependencyRegistar.cs:line 35
at Lambdas.Handlers.BaseLambdaHandler..ctor(IServiceCollection services) in /build_and_deploy/src/Lambdas/Handlers/BaseLambdaHandler.cs:line 36
--> Read-only file system: IOException <--
at System.IO.FileSystem.CreateDirectory(String fullPath)
at System.IO.Directory.CreateDirectory(String path)
at Internal.Cryptography.Pal.DirectoryBasedStoreProvider.AddCertToStore(ICertificatePal certPal)
at Internal.Cryptography.Pal.DirectoryBasedStoreProvider.Add(ICertificatePal certPal)
相同的代码在我的 Windows 机器上本地运行良好(因为我能够成功地将证书添加到我的本地商店)。