CODEWITHSUNDEEP
c#.netazure.net-coreprivate-key
Vladimir Sakic
Vladimir Sakic

Reputation: 111

CngKey.Import on azure

var rawData = Convert.FromBase64String(_signingKey);
var cng = CngKey.Import(rawData, CngKeyBlobFormat.Pkcs8PrivateBlob);

I use this code to extract key, from embedded base64 string. It works fine when I test it locally but when I publish on azure I get following exception:

WindowsCryptographicException: The system cannot find the file specified

(once again I'm not reading from any file) I need this to communicate with apple apns for push notifications, is there any workaround? And this happens only on free service plan, if I switch to basic plan it's working.

Upvotes: 11

Views: 3640

Answers (6)

Simon
Simon

Reputation: 2362

For making it works, I needed TWO things in AzureWebApp..

So my code is :

//I load the PrivateKey here
ReadedByte = System.IO.File.ReadAllBytes(strPathPrivateKey);
//create the RSA thing
RSA rsa = System.Security.Cryptography.RSA.Create();
//import the key.  It crashed HERE with the 'System cannot find file specified'
rsa.ImportPkcs8PrivateKey(source: ReadedByte,bytesRead: out int _);

It works perfectly locally. But, to make it WORK on Azure Web App, I had to have those TWO requirements :

1 - the WEBSITE_LOAD_USER_PROFILE = 1 spoken in the discussion above and below

2 - The App Service Plan must include "Custom domains / SSL" !

  • ...so No 'F1 Share Infrastructure' nor 'D1 Share Infrastructure'. The lowest Service plan that worked for me was 'B1 - 100 Total Acu'.

Maybe I have something wrong somewhere else in my code, or my 'RSA' choice is bad..anyway...

It now works!

Upvotes: 0

Carl M. Cartagena
Carl M. Cartagena

Reputation: 111

Setting WEBSITE_LOAD_USER_PROFILE to equal 1 in the Azure App Service configuration definitely got my remote iOS notifications working. Using dotAPNS for C# .NET I also needed to omit apns.UseSandbox().

Upvotes: 2

Nicholas Petersen
Nicholas Petersen

Reputation: 9558

To add to @strohmsn's answer, you can also set the App Service settings with this value directly within Visual Studio on the Publish page for web apps: Right click on web app and select Publish, then select App Service Settings, and you can add setting properties there: WEBSITE_LOAD_USER_PROFILE = 1 in this case. See screenshot:

enter image description here

Upvotes: 1

strohmsn
strohmsn

Reputation: 161

I ran into the same error after publishing an existing application to Azure. In my case the problem was solved after I set WEBSITE_LOAD_USER_PROFILE = 1 in App Services / App Name / Application Settings.

Upvotes: 16

Adriaan de Beer
Adriaan de Beer

Reputation: 1286

I've had a similar error trying to construct a X509Certificate2 from a byte array - worked fine locally but once I deploy to Azure Web App, I got the same and VERY misleading file not found exception.

The real issue turned out to be that there was no user store associated with the web service account. You can also get a similar error if there are permission-related errors with accessing the certificate store on Windows.

In any case - In my scenario I fixed the problem by using MachineKeySet: new X509Certificate2(certRawBytes, default(string), X509KeyStorageFlags.MachineKeySet);

So, in your scenario, try something like:

var keyParams = new CngKeyCreationParameters
{
  KeyCreationOptions = CngKeyCreationOptions.MachineKey,
};
CngKey.Create(CngAlgorithm.Rsa, keyName, keyParams);

Note: You may have to set a few parameters to get the above working. The Import method doesn't seem to support MachineKey - but you should be able to achieve similar outcome by using the Create method.

Upvotes: 1

Tom Sun
Tom Sun

Reputation: 24569

It seems that it causes by there is no certificate attached in your Azure Mobile App. If it is that case, we need to upload the "Development" or "Distribution" SSL certificate to the WebApp. More info about how to send push notifications to iOS App, please refer to the azure document.

enter image description here

Upvotes: 1

Related Questions