Jason_Hough

Reputation: 474

Validating a certificate from the key vault in my connection string, EF Core + Azure function

I need to verify a certificate in my connection string (EF Core) in my Azure function.

I have this connection string:

Server=**.database.azure.com;Database=dbheat;Uid=****;Pwd=****;SslMode=VerifyCA;SslCert='/'",

The certificate needs to be read from Azure Key Vault with the certificate in it. Any idea how to get a certificate from KV and add it into my connection string?

If I add the certificate into my solution manually then I get this error:

The collection already contains item with the same key 'net.transport'

This now kind of makes sense, because getting a path in an Azure function is causing me trouble and I don't want to hardcode my certificate into my function.

Upvotes: 0

Views: 83

Answers (1)

Jason_Hough

Reputation: 474

I have cracked this problem by creating a connection string that allows parameters.

var connectionstring = new MySqlConnector.MySqlConnectionStringBuilder()
{
    Server = "whatever.mysql.database.azure.com",
    Database = "db",
    UserID = "un",
    Password = "password",
    SslMode = MySqlConnector.MySqlSslMode.VerifyCA,
    SslCert = cert.ToString()
}.ToString();

Then I created a variable that stores my PEM details - the stuff after BEGIN CERTIFICATE in the PEM - and then used

var cert = new X509Certificate2(Convert.FromBase64String(certpem));

to get the string as a certificate in .NET.

Voilà - it works.

Upvotes: 0
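
Added example, not part of the original post or of MySqlConnector's own code: one way to do what the question asks, fetching the certificate from Key Vault at startup and handing it to the connection string as a file. It assumes the Key Vault certificate is the CA certificate for the database server, that the Function App's managed identity is allowed to read it, and that the app-setting names are hypothetical; it uses MySqlConnector's SslCa option, which takes the CA file checked under VerifyCA, whereas SslCert names a client certificate.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;
using Azure.Identity;
using Azure.Security.KeyVault.Certificates;
using MySqlConnector;

public static class DbConnectionFactory
{
    // All setting names below are hypothetical; define them as Function App settings.
    private static string Require(string name) =>
        Environment.GetEnvironmentVariable(name)
        ?? throw new InvalidOperationException($"Missing app setting '{name}'.");

    public static async Task<string> BuildConnectionStringAsync()
    {
        // DefaultAzureCredential picks up the Function App's managed identity in Azure.
        var client = new CertificateClient(new Uri(Require("KEYVAULT_URI")),
                                           new DefaultAzureCredential());

        // .Cer is the DER-encoded public certificate only; no private key leaves the vault.
        byte[] der = (await client.GetCertificateAsync(Require("DB_CA_CERT_NAME"))).Value.Cer;

        // Fail closed if the stored certificate is outside its validity window.
        using var ca = new X509Certificate2(der);
        var now = DateTime.Now; // NotBefore/NotAfter are reported in local time
        if (now < ca.NotBefore || now > ca.NotAfter)
            throw new InvalidOperationException($"CA certificate '{ca.Subject}' is not currently valid.");

        // The driver wants a file path, so write the PEM to the function's temp directory
        // instead of shipping the certificate inside the deployment package.
        string caPath = Path.Combine(Path.GetTempPath(), "db-ca.pem");
        await File.WriteAllTextAsync(caPath, new string(PemEncoding.Write("CERTIFICATE", der)));

        return new MySqlConnectionStringBuilder
        {
            Server = Require("DB_SERVER"),
            Database = Require("DB_NAME"),
            UserID = Require("DB_USER"),
            Password = Require("DB_PASSWORD"),
            // VerifyCA checks the issuing CA but tolerates a hostname mismatch;
            // MySqlSslMode.VerifyFull also checks the server name.
            SslMode = MySqlSslMode.VerifyCA,
            SslCa = caPath,
        }.ConnectionString;
    }
}
```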
