Reputation: 103
When deploying a Blazor app that contains IdentityServer 4 to an Azure App Service, I get the following exception:
Exception Info: System.InvalidOperationException: There was an error loading the certificate. Either the password is incorrect or the process does not have permisions to store the key in the Keyset 'DefaultKeySet'
The certificate comes from Azure Key Vault and locally there are no issues. Below is the code I use to call the cert and load it into the IdentityServer signing credentials:
var pfx = Configuration["certname"];
var bytes = Convert.FromBase64String(pfx);
var certificate2Collection = new X509Certificate2Collection();
certificate2Collection.Import(bytes, null, X509KeyStorageFlags.UserKeySet);
services.AddIdentityServer()
    .AddSigningCredential(certificate2Collection[0]);
Any thoughts on how to fix this?
Upvotes: 2
Views: 778
Reputation: 103
A lot of searching gave me the answer.
I needed to do 2 things.
First I needed to add the certificate in the service app on Azure:
Then in the configuration of the service app, I needed to add an application setting: WEBSITE_LOAD_CERTIFICATES with the cert thumbprint as value:
After that the certificate was found without a problem.
Upvotes: 1
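One way to read the certificate by thumbprint once it is uploaded to the app and listed in WEBSITE_LOAD_CERTIFICATES, as an added example that is not part of the original answer. It assumes a Windows App Service, where the platform places listed certificates in the CurrentUser\My store; the class name, method name and the SigningCertThumbprint configuration key are hypothetical.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography.X509Certificates;

// Hypothetical helper, not from the original post.
// Assumption: Windows App Service with the thumbprint listed in
// WEBSITE_LOAD_CERTIFICATES, so the certificate is in CurrentUser\My.
public static class SigningCertificateLoader
{
    public static X509Certificate2 LoadFromStore(string thumbprint)
    {
        if (string.IsNullOrWhiteSpace(thumbprint))
            throw new ArgumentException("Thumbprint is required.", nameof(thumbprint));

        // Thumbprints pasted from a UI can carry spaces or invisible
        // characters; keep only the hex digits.
        var normalized = new string(thumbprint.Where(Uri.IsHexDigit).ToArray())
            .ToUpperInvariant();

        using var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);

        // validOnly: false so a self-signed signing certificate is still returned.
        var matches = store.Certificates.Find(
            X509FindType.FindByThumbprint, normalized, validOnly: false);
        if (matches.Count == 0)
            throw new InvalidOperationException(
                $"Certificate {normalized} not found in CurrentUser\\My. Check that it " +
                "is added to the app and listed in WEBSITE_LOAD_CERTIFICATES.");

        var cert = matches[0];
        // A signing credential needs the private key, so fail at startup
        // rather than when the first token is issued.
        if (!cert.HasPrivateKey)
            throw new InvalidOperationException(
                $"Certificate {normalized} has no private key; upload the .pfx, not the .cer.");
        // NotBefore and NotAfter are local times, so compare against DateTime.Now.
        if (DateTime.Now < cert.NotBefore || DateTime.Now > cert.NotAfter)
            throw new InvalidOperationException(
                $"Certificate {normalized} is outside its validity period.");
        return cert;
    }
}

// Usage in ConfigureServices ("SigningCertThumbprint" is a hypothetical key):
// services.AddIdentityServer()
//     .AddSigningCredential(
//         SigningCertificateLoader.LoadFromStore(Configuration["SigningCertThumbprint"]));
```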