为自定义 Azure B2C 邀请策略调用 FromSigningCredentials 时,证书不是 RSA 证书
Certificate is not an RSA certificate when calling FromSigningCredentials for custom Azure B2C Invitation Policy
我正在尝试 Azure B2C 的自定义邀请策略代码:
https://github.com/azure-ad-b2c/samples/tree/master/policies/invite#signup-with-email-invitation
我按照分步指南创建了证书,但是当代码遇到方法 FromSigningCredentials 时,它会抛出异常 Certificate is not an RSA certificate.。
这里是the code:
public static JwksKeyModel FromSigningCredentials(X509SigningCredentials signingCredentials)
{
X509Certificate2 certificate = signingCredentials.Certificate;
// JWK cert data must be base64 (not base64url) encoded
string certData = Convert.ToBase64String(certificate.Export(X509ContentType.Cert));
// JWK thumbprints must be base64url encoded (no padding or special chars)
string thumbprint = Base64UrlEncoder.Encode(certificate.GetCertHash());
// JWK must have the modulus and exponent explicitly defined
RSACng rsa = certificate.PublicKey.Key as RSACng;
if (rsa == null)
{
throw new Exception("Certificate is not an RSA certificate.");
}
.
.
.
证书已加载,但在执行以下行后:
RSACng rsa = certificate.PublicKey.Key as RSACng;
rsa 为空。
这发生在本地和 Azure 网站上。
我在这里错过了什么?
经过一些研究,我发现了以下问题@GitHub:https://github.com/dotnet/corefx/issues/26682
用户 bartonjs tells the following:
No one should ever call cert.PublicKey.Key; you should instead use
cert.GetRSAPublicKey().
我将问题中的那一行替换为:
// JWK must have the modulus and exponent explicitly defined
RSACng rsa = certificate.GetRSAPublicKey() as RSACng;
现在我可以走了...
我正在尝试 Azure B2C 的自定义邀请策略代码:
https://github.com/azure-ad-b2c/samples/tree/master/policies/invite#signup-with-email-invitation
我按照分步指南创建了证书,但是当代码遇到方法 FromSigningCredentials 时,它会抛出异常 Certificate is not an RSA certificate.。
这里是the code:
public static JwksKeyModel FromSigningCredentials(X509SigningCredentials signingCredentials)
{
X509Certificate2 certificate = signingCredentials.Certificate;
// JWK cert data must be base64 (not base64url) encoded
string certData = Convert.ToBase64String(certificate.Export(X509ContentType.Cert));
// JWK thumbprints must be base64url encoded (no padding or special chars)
string thumbprint = Base64UrlEncoder.Encode(certificate.GetCertHash());
// JWK must have the modulus and exponent explicitly defined
RSACng rsa = certificate.PublicKey.Key as RSACng;
if (rsa == null)
{
throw new Exception("Certificate is not an RSA certificate.");
}
.
.
.
证书已加载,但在执行以下行后:
RSACng rsa = certificate.PublicKey.Key as RSACng;
rsa 为空。
这发生在本地和 Azure 网站上。
我在这里错过了什么?
经过一些研究,我发现了以下问题@GitHub:https://github.com/dotnet/corefx/issues/26682
用户 bartonjs tells the following:
No one should ever call cert.PublicKey.Key; you should instead use cert.GetRSAPublicKey().
我将问题中的那一行替换为:
// JWK must have the modulus and exponent explicitly defined
RSACng rsa = certificate.GetRSAPublicKey() as RSACng;
现在我可以走了...